翻訳と辞書
Words near each other
・ Sembiyankandiyur
・ Sembla language
・ Semblance
・ Semblance analysis
・ Semblante Urbano
・ Semblançay
・ Semblative case
・ Semble
・ Semantic targeting
・ Semantic technology
・ Semantic Technology Institute International
・ Semantic theory of truth
・ Semantic translation
・ Semantic unification
・ Semantic URL
Semantic URL attack
・ Semantic view of theories
・ Semantic warehousing
・ Semantic Web
・ Semantic web data space
・ Semantic Web Rule Language
・ Semantic Web Services
・ Semantic Web Stack
・ Semantic wiki
・ Semantic Wiki Information Management
・ Semantic-oriented programming
・ Semantically-Interlinked Online Communities
・ SemanticGov
・ Semanticity
・ Semantics


Dictionary Lists
翻訳と辞書 辞書検索 [ 開発暫定版 ]
スポンサード リンク

Semantic URL attack : ウィキペディア英語版
Semantic URL attack

In a semantic URL attack, a client manually adjusts the parameters of its request by maintaining the URL's syntax but altering its semantic meaning. This attack is primarily used against CGI driven websites.
A similar attack involving web browser cookies is commonly referred to as ''cookie poisoning''.
==Example==
Consider a web-based e-mail application where users can reset their password by answering the security question correctly, and allows the users to send the password
to the e-mail address of their choosing. After they answer the security question correctly, the web page will arrive to the following web form where the users can enter their alternative e-mail address:



Please enter your alternative e-mail address:







The receiving page, resetpassword.php, has all the information it needs to send the password to the new e-mail. The hidden variable username contains the value user001, which is the username of the e-mail account.
Because this web form is using the GET data method, when the user submits alternative@emailexample.com as the e-mail address where the user wants the password to be sent to,
the user then arrives at the following URL:
:http://semanticurlattackexample.com/resetpassword.php?username=user001&altemail=alternative%40emailexample.com
This URL appears in the location bar of the browser, so the user can identify the username and the e-mail address through the URL parameters. The user may decide to steal other people's (user002) e-mail address by visiting the following URL as an experiment:
:http://semanticurlattackexample.com/resetpassword.php?username=user002&altemail=alternative%40emailexample.com
If the resetpassword.php accepts these values, it is vulnerable to a semantic URL attack. The new password of the user002 e-mail address will be generated and sent to alternative@emailexmaple.com which causes user002's e-mail account to be stolen.
One method of avoiding semantic URL attacks is by using session variables.〔(Chris Shiflett. Essential PHP Security: Chapter 2, Forms and URLs )〕 However, session variables can be vulnerable to other types of attacks such as session hijacking and cross-site scripting.

抄文引用元・出典: フリー百科事典『 ウィキペディア(Wikipedia)
ウィキペディアで「Semantic URL attack」の詳細全文を読む



スポンサード リンク
翻訳と辞書 : 翻訳のためのインターネットリソース

Copyright(C) kotoba.ne.jp 1997-2016. All Rights Reserved.