伴随着B/S架构的流行和Web2.0时代的迅速发展,由于对不可信用户数据缺乏正确的校验机制,造成跨站脚本漏洞广泛地存在于各类网站中,并严重威胁用户安全.其主要原因在于服务端代码和客户端脚本的混合,使得当前技术无法准确而有效地生成攻击向量,探测跨站脚本漏洞.本文基于静态数据流特征分析,依据脚本注入位置和攻击向量模式设计了新的分析模糊器,通过采用字符串约束求解技术来验证攻击向量的有效性,并实现了白盒测试框架的原型系统XSS-Explore.实验结果表明,与同类工具相比,该系统能够较全面而准确地检测跨站脚本漏洞.%With the popularity of the Web2. 0 applications* cross-site scripting vulnerability which can cause a serious threat to the safety of users exists in a wide range of websites, due to the lack of proper verification mechanisms. Currently, the mixture of the server-side and client-side codes makes accurate and effective detection of cross-site scripting vulnerability more difficult. In our study, based on a static data flow analysis combined with a string constraint solving technique, we design a white-box testing framework for detecting cross-site scripting vulnerability. We implement our framework in a prototype tool called XSS-Explore, and the experimental results show that the system can better generate a more effective attack vector and detect cross-site scripting attacks compared with similar products.
展开▼