Whenever we think of a time when hackers, hackers tend to like this portrait: a loner, quietly entered other people's servers, to destroy or steal other people's secrets. Maybe he will change our home page, fraudulent claims will steal customers credit card numbers and passwords. In addition, the hacker will attack to visit our website customers. At the same time, our server became his accomplice. Microsoft calls this attack as a "cross-site script" attacks. The majority of these attacks took place in dynamically generated web page at the right time but the hacker's goal is not to your site, but visit the website of the customer.
Description of cross-site script attack
In a book entitled <
We know that some friends had been induced to free a number of suspicious sites, they get only 10 to 20 small window, these windows are often accompanied by the formation of the failure of JAVA or avascript security button, this is known as the mouse trap. Close the window is in vain, when we close a window, another window will pop up a few 10. This often happens when the administrator did not in the Hou Fasheng. Hackers use the mouse event is cross-site attack methods SCRIPT example of the customer.
SCRIPT tags and malicious mischief are not simple, they can even steal information and destroyed the system. Not a clever or even smart hackers are able to interfere with or change the server using the SCRIPT data input. SCRIPT code can also attack using client systems, do damage to your hard drive. And you know, when you use the server side, hackers SCRIPT is also a safe place where your server is running to! If the customer a letter on your server is identified, the same confidence that they will SCRIPT malicious code. Even this code is in the form of
Translator