Ajax Security - Quelltexte Kapitel 2

2.3 Command Injection

finger.cgi

#!/usr/local/bin/perl
# finger.cgi - an unsafe finger gateway
require 'cgi-lib.pl';
print &PrintHeader;
if (&ReadParse(*in)) {
  print "<pre>\n";
  print `/usr/bin/finger $in{'username'}`;
  print "</pre>\n";
}
else {
  print "<html> <head>\n";
  print "<title>Finger Gateway</title>\n";
  print "</head>\n<body>\n";
  print "<h1>Finger Gateway</h1>\n";
  print "<form method=POST>\n";
  print "<p>User@Host: <input type=text name=\"username\">\n";
  print "<p><input type=submit>\n";
  print "</form>\n";
  print "</body> </html>\n";
}

2.4.5 DOM-basiertes XSS

Hallo
<script>
  var pos=document.URL.indexOf("name")+5;
  document.write(document.URL.substring(pos,document.URL.length));
</script>
Willkommen auf dieser Seite ...