Learn how to defend against Stored and Reflected XSS attacks with a comprehensive server solution. Discover techniques to secure cookies and prevent malicious code execution on web servers.
A Server Solution for Cookie-Stealing-Based XSS Attacks
Jhen-Li Wang, Shih-Jen Chen, Chia-Hao Lee, Fu-Hau Hsu
CSIE@NCU–ADLab, Networks & Multimedia Institute For Information Industry
[Figure: XSS types: Stored XSS, Reflected XSS]
How to defend against XSS?
We do this… Modify KERNEL
sys_read • do_sock_read • sock_recvmsg • skb_copy_datagram_iovec • tcp_recvmsg • inet_recvmsg • memcpy_toiovec • copy_to_user
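[Architecture diagram]
User mode: Web Server Application
Kernel mode:
• Cookie Verifier: compares the cookie and the IP
• Cookie Cleaner: checks the time of each table node to see whether it must be cleared
• Cookie Abstractor: captures the cookie and source IP, computes the time
• Cookie Table (hash table): stores the cookie (key), IP, and time
• Payload Collector: captures the packet data
Packet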
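The cookie table and the three components around it can be modelled in user space as follows. This is an added example, not code from the slides or from the authors' kernel patch; the table size, the lifetime, the FNV-1a hash, the "first binding wins" rule and the return codes are all assumptions.

```c
/* Added example: user-space model of the cookie table (not the authors' kernel code). */
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#define SLOTS 64          /* assumed table size */
#define TTL_SECONDS 1800  /* assumed node lifetime */
enum { EMPTY, LIVE, DEAD };
static struct node { char cookie[128]; uint32_t ip; long seen; int state; } table[SLOTS];
/* Probe from the FNV-1a slot: return the live node for `cookie`, else a free node if wanted. */
static struct node *find(const char *cookie, int want_free) {
    struct node *free_node = NULL;
    uint32_t h = 2166136261u;
    for (const char *p = cookie; *p; p++) h = (h ^ (unsigned char)*p) * 16777619u;
    for (unsigned i = 0; i < SLOTS; i++) {
        struct node *n = &table[(h + i) % SLOTS];
        if (n->state == LIVE && strcmp(n->cookie, cookie) == 0) return n;
        if (n->state != LIVE && !free_node) free_node = n;   /* reuse cleaned (DEAD) nodes */
        if (n->state == EMPTY) break;                        /* end of the probe chain */
    }
    return want_free ? free_node : NULL;
}
/* Cookie Abstractor: store cookie (key), source IP and time; the first binding wins. */
int cookie_record(const char *cookie, uint32_t ip, long now) {
    if (strlen(cookie) >= sizeof table[0].cookie) return -1;  /* too long to store */
    struct node *n = find(cookie, 1);
    if (!n) return -1;                                        /* table full */
    if (n->state == LIVE) return 0;                           /* already bound to an IP */
    strcpy(n->cookie, cookie);
    n->ip = ip; n->seen = now; n->state = LIVE;
    return 1;
}
/* Cookie Verifier: 1 = same IP as recorded, 0 = different IP, -1 = cookie not in table. */
int cookie_verify(const char *cookie, uint32_t ip) {
    struct node *n = find(cookie, 0);
    return n ? n->ip == ip : -1;
}
/* Cookie Cleaner: clear nodes older than TTL_SECONDS; returns how many were cleared. */
int cookie_clean(long now) {
    int removed = 0;
    for (unsigned i = 0; i < SLOTS; i++)
        if (table[i].state == LIVE && now - table[i].seen > TTL_SECONDS) { table[i].state = DEAD; removed++; }
    return removed;
}
int main(void) {  /* constructed sample: 192.0.2.5 owns the cookie, 203.0.113.9 presents it later */
    cookie_record("SID=abc123", 0xC0000205u, 1000);
    int owner = cookie_verify("SID=abc123", 0xC0000205u);
    int other = cookie_verify("SID=abc123", 0xCB007109u);
    printf("owner=%d other=%d cleaned=%d\n", owner, other, cookie_clean(1000 + TTL_SECONDS + 1));
    return 0;
}
```

A result of 0 from `cookie_verify` is the case the design targets: a known cookie arriving from an address other than the one it was recorded with.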