目标URL存在跨站漏洞和目标URL存在http host头攻击漏洞处理方案
直接写过滤器:
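package com.todaytech.yth.gdsd.base.Filter;

import java.io.IOException;
import java.util.Arrays;
import java.util.Collections;
import java.util.HashSet;
import java.util.LinkedHashMap;
import java.util.Map;
import java.util.Set;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;
import javax.servlet.http.HttpServletResponse;

import org.apache.commons.lang.StringUtils;
import org.apache.log4j.Logger;

/**
 * Servlet filter that (1) rejects requests whose servlet path, query string or full URL
 * contains a token from a small blocklist, (2) rejects requests whose {@code Host} header
 * is not on an allowlist, and (3) strips the same blocklisted tokens out of request
 * parameter values before passing the request down the filter chain.
 *
 * <p>The token checks are a blocklist: they only look for a handful of literal characters
 * and two percent-encoded spellings, so they reduce scanner findings but are not a
 * substitute for output encoding (XSS) or parameterised queries (SQL injection). The
 * {@code Host} allowlist is the real mitigation for Host-header attacks.
 *
 * <p>Configuration: the optional init-param {@code allowedHosts} (comma-separated
 * {@code host} or {@code host:port} values, compared exactly against the {@code Host}
 * header) replaces the built-in placeholder list. Without it the filter rejects every
 * request whose Host is not one of the placeholders.
 */
public class SessionFilter implements Filter {

    private static final Logger log = Logger.getLogger(SessionFilter.class);

    /** Name of the init-param holding the comma-separated Host allowlist. */
    static final String ALLOWED_HOSTS_PARAM = "allowedHosts";

    /** Sentinel returned by {@link #guolv2(String)} when the input is flagged. */
    private static final String FLAGGED = "bingo";

    /**
     * Built-in allowlist. The values are the placeholders from the original source
     * ("xx.xx.xxx.xxx:xxxx" / "xx.xx.xxx.xxx") and must be replaced via
     * {@code allowedHosts}; they are kept only so the default behaviour is unchanged.
     */
    private static final Set<String> DEFAULT_ALLOWED_HOSTS = Collections.unmodifiableSet(
            new HashSet<String>(Arrays.asList("xx.xx.xxx.xxx:xxxx", "xx.xx.xxx.xxx")));

    /** Literal tokens removed from parameter values by {@link #guolv(String)}, in order. */
    private static final String[] STRIP_TOKENS = {
        "%22", "%27", "%3E", "%3e", "%3C", "%3c",
        "<", ">", "\"", "'", "+", "(", ")",
        " and ", " or ", " 1=1 "
    };

    /**
     * Literal tokens whose presence makes {@link #guolv2(String)} flag the input.
     * "%27" is intentionally absent, as in the original (it was commented out there).
     */
    private static final String[] FLAG_TOKENS = {
        "%22", "%3E", "%3e", "%3C", "%3c",
        "<", ">", "\"", "'", "+",
        " and ", " or ", "1=1", "(", ")"
    };

    /** Hosts accepted in the {@code Host} header; replaced by {@link #init(FilterConfig)}. */
    private Set<String> allowedHosts = DEFAULT_ALLOWED_HOSTS;

    @Override
    public void destroy() {
    }

    /**
     * Reads the {@code allowedHosts} init-param. When it is missing or empty the
     * placeholder list stays in effect and a warning is logged, because that list will
     * reject every real Host value.
     *
     * @param filterConfig container-supplied configuration; may be {@code null} in tests
     */
    @Override
    public void init(FilterConfig filterConfig) throws ServletException {
        String configured = filterConfig == null
                ? null
                : filterConfig.getInitParameter(ALLOWED_HOSTS_PARAM);
        Set<String> hosts = parseHostList(configured);
        if (hosts.isEmpty()) {
            log.warn("init-param '" + ALLOWED_HOSTS_PARAM
                    + "' not set; using the built-in placeholder Host allowlist");
        } else {
            allowedHosts = Collections.unmodifiableSet(hosts);
        }
    }

    /**
     * Splits a comma-separated host list into a set, trimming whitespace and dropping
     * empty entries.
     *
     * @param csv the raw init-param value, or {@code null}
     * @return a mutable set of host values, empty when {@code csv} is {@code null} or blank
     */
    static Set<String> parseHostList(String csv) {
        Set<String> hosts = new HashSet<String>();
        if (csv == null) {
            return hosts;
        }
        for (String part : csv.split(",")) {
            String host = part.trim();
            if (host.length() > 0) {
                hosts.add(host);
            }
        }
        return hosts;
    }

    /**
     * Applies the three checks in the original order (URL tokens, Host allowlist,
     * parameter stripping) and then continues the chain with a wrapped request.
     *
     * @throws IOException      from the response or the downstream chain
     * @throws ServletException from the downstream chain
     */
    @Override
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse,
            FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest request = (HttpServletRequest) servletRequest;
        HttpServletResponse response = (HttpServletResponse) servletResponse;

        String requestStr = getRequestString(request);
        String requestUrl = request.getRequestURL().toString();
        // Per-request trace at debug, not info: the raw query string can carry tokens or
        // personal data, and the original also duplicated every line to System.out.
        if (log.isDebugEnabled()) {
            log.debug("requestStr: ======================== " + requestStr);
            log.debug("完整的地址是====" + requestUrl);
            log.debug("提交的方式是========" + request.getMethod());
        }

        // getQueryString() is undecoded, so both the literal and the %-encoded spellings
        // in FLAG_TOKENS matter here.
        if (containsFlaggedToken(requestStr) || containsFlaggedToken(requestUrl)) {
            // Log the URL itself; the original logged guolv2(url), which is just "bingo" here.
            log.info("======访问地址发现非法字符,已拦截======其非法地址为:" + requestUrl);
            response.sendRedirect(request.getContextPath() + "/login.jsp");
            return;
        }

        // Host allowlist (host ip + port, or domain + port). A 400 is sent instead of a
        // redirect: the container builds the Location header from the request's host,
        // so a redirect here would echo the rejected Host value back to the client.
        String myhosts = request.getHeader("host");
        if (myhosts == null || !allowedHosts.contains(myhosts)) {
            log.info("======访问host非法,已拦截======其非法host为:" + myhosts);
            response.sendError(HttpServletResponse.SC_BAD_REQUEST);
            return;
        }

        // Strip special characters from request parameters (XSS scanner finding).
        // The original wrote the stripped values back into the arrays returned by
        // getParameterMap(), which the Servlet spec defines as immutable, and then never
        // called filterChain.doFilter() at all. Wrap the request instead.
        Map<String, String[]> cleaned = sanitizeParameters(request);
        filterChain.doFilter(new SanitizedRequest(request, cleaned), servletResponse);
    }

    /**
     * Builds a copy of the request's parameter map with every value passed through
     * {@link #guolv(String)}.
     *
     * @return a new map; empty when the request has no parameters
     */
    private static Map<String, String[]> sanitizeParameters(HttpServletRequest request) {
        Map<String, String[]> cleaned = new LinkedHashMap<String, String[]>();
        // Declared raw/wildcard so this compiles against both Servlet 2.5 (raw Map) and 3.0+.
        Map<?, ?> parameters = request.getParameterMap();
        if (parameters == null) {
            return cleaned;
        }
        for (Map.Entry<?, ?> entry : parameters.entrySet()) {
            String key = (String) entry.getKey();
            String[] values = (String[]) entry.getValue();
            String[] copy = new String[values == null ? 0 : values.length];
            for (int i = 0; i < copy.length; i++) {
                copy[i] = guolv(values[i]);
            }
            cleaned.put(key, copy);
        }
        return cleaned;
    }

    /**
     * Removes every token in {@link #STRIP_TOKENS} from {@code a}, repeating until the
     * string stops changing.
     *
     * <p>The original did a single pass with {@code replaceAll}; a single pass lets
     * fragments re-join into a stripped token (e.g. {@code "%%2222"} became {@code "%22"}),
     * so this version loops to a fixed point. Each pass either shortens the string or
     * leaves it unchanged, so the loop terminates.
     *
     * @param a the value to clean; {@code null} is returned unchanged (the original threw)
     * @return the cleaned value
     */
    public static String guolv(String a) {
        if (a == null) {
            return null;
        }
        String previous;
        String current = a;
        do {
            previous = current;
            for (String token : STRIP_TOKENS) {
                current = current.replace(token, "");
            }
        } while (!current.equals(previous));
        return current;
    }

    /**
     * Servlet path plus {@code "?" + queryString} when a query string is present.
     * The query string is used as sent (undecoded).
     */
    private static String getRequestString(HttpServletRequest req) {
        String requestPath = req.getServletPath();
        String queryString = req.getQueryString();
        return queryString == null ? requestPath : requestPath + "?" + queryString;
    }

    /**
     * Kept for callers of the original API: returns {@code "bingo"} when {@code a}
     * contains any token from {@link #FLAG_TOKENS}, otherwise returns {@code a} itself
     * ({@code null} and {@code ""} are returned as-is). Prefer
     * {@link #containsFlaggedToken(String)} in new code; the sentinel is ambiguous for an
     * input that is literally {@code "bingo"}.
     *
     * @param a the string to inspect
     * @return {@code "bingo"} if flagged, else {@code a}
     */
    public String guolv2(String a) {
        return containsFlaggedToken(a) ? FLAGGED : a;
    }

    /**
     * @return {@code true} when {@code a} is non-empty and contains a token from
     *         {@link #FLAG_TOKENS}
     */
    static boolean containsFlaggedToken(String a) {
        if (StringUtils.isNotEmpty(a)) {
            for (String token : FLAG_TOKENS) {
                if (a.contains(token)) {
                    return true;
                }
            }
        }
        return false;
    }

    /**
     * Request wrapper that serves the sanitised parameter values. Only the parameter
     * accessors are overridden; headers, path and body are left to the wrapped request.
     */
    private static final class SanitizedRequest extends HttpServletRequestWrapper {

        private final Map<String, String[]> cleaned;

        SanitizedRequest(HttpServletRequest request, Map<String, String[]> cleaned) {
            super(request);
            this.cleaned = cleaned;
        }

        @Override
        public String getParameter(String name) {
            String[] values = cleaned.get(name);
            return (values == null || values.length == 0) ? null : values[0];
        }

        @Override
        public String[] getParameterValues(String name) {
            String[] values = cleaned.get(name);
            // Clone so a caller cannot modify the filter's copy.
            return values == null ? null : values.clone();
        }

        @Override
        public Map<String, String[]> getParameterMap() {
            return Collections.unmodifiableMap(cleaned);
        }
    }
}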