北极寒流 » 网络资源 » HTTP响应拆分漏洞(CRLF注入攻击)解决办法 - 2012.09.03

HTTP响应拆分漏洞(CRLF注入攻击)解决办法

HTTP响应拆分漏洞(也叫CRLF注入攻击)解决办法。出现HTTP响应拆分漏洞的网站攻击者可能注入自定义HTTP头。例如,攻击者可以注入会话cookie或HTML代码。这可能会进行类似的XSS(跨站点脚本)或会话固定漏洞。

出现HTTP响应拆分漏洞这种现象往往表现在带有参数传递的网页,例如http://www.xxxx.com/?page=传递的参数。大家经常见到的wordpress评论调转即有类似现象$redirect = $_GET['r'];

运用PHP语法中的正则表达式ereg_replace或者字符串处理函数str_replace进行操作。代码如下:

在原来的$redirect = $_GET['r'];下面加入

$redirect = trim($redirect);
$redirect = strip_tags($redirect,""); //清除HTML如<br />等代码
$redirect = ereg_replace("\t","",$redirect); //去掉制表符号
$redirect = ereg_replace("\r\n","",$redirect); //去掉回车换行符号
$redirect = ereg_replace("\r","",$redirect); //去掉回车
$redirect = ereg_replace("\n","",$redirect); //去掉换行
$redirect = ereg_replace(" ","",$redirect); //去掉空格
$redirect = ereg_replace("'","",$redirect); //去掉单引号

或者

$redirect = trim($redirect);
$redirect = strip_tags($redirect,""); //清除HTML如<br />等代码
$redirect = str_replace("\n", "", str_replace(" ", "", $redirect));//去掉空格和换行
$redirect = str_replace("\t","",$redirect); //去掉制表符号
$redirect = str_replace("\r\n","",$redirect); //去掉回车换行符号
$redirect = str_replace("\r","",$redirect); //去掉回车
$redirect = str_replace("'","",$redirect); //去掉单引号
$redirect = trim($redirect);

03

HTTP响应拆分漏洞(CRLF注入攻击)解决办法

分享到: