This example comes from a challenge on hackthissite.net. The whole point is to change a hidden email address in a form. The page source first: the form is at line 148, or you can press Ctrl+F and search for "@" to find it. Everything else is basically filler.

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"><head><title>Hack This Site!</title><meta name="verify-v1" content="s/YXn7eQrMBoF9PL5jLJDiWpAxEXpJzE9JLg/zM4C2Y=" /><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /><meta name="Author" content="HackThisSite.org Crew." /><meta name="Description" content="HackThisSite! is a legal and safe network security resource where users test their hacking skills on various challenges and learn about hacking and network security. Also provided are articles, comprehensive and active forums, and guides and tutorials. Learn how to hack!" /><meta name="KeyWords" content="challenge, computer, culture, deface, digital, ethics, games, guide, hack, hack forums, hacker, hackers, hacking, hacking challenges, hacking forums, mission, net, programming, radical, revolution, root, rooting, security, site, society, tutorial, tutorials, war, wargame, wargames, web, website" /><link rel="icon" href="https://data.htscdn.org/favicon.ico" type="image/x-icon" /><link rel="shortcut icon" href="https://data.htscdn.org/favicon.ico" type="image/x-icon" /><link href="https://data.htscdn.org/themes/Dark/Dark.css" rel="stylesheet" type="text/css" /><link href="https://www.hackthissite.org/pages/hts.rss.php" rel="alternate" type="application/rss+xml" title="HTS RSS feed" /><base href="https://www.hackthissite.org" /><script type="text/javascript" src="https://data.htscdn.org/js/jquery-1.8.1.min.js"></script>
<script type="text/javascript">
(function() {function async_load(script_url){var protocol = ('https:' == document.location.protocol ? 'https://' : 'http://');var s = document.createElement('script'); s.src = protocol + script_url;var x = document.getElementsByTagName('script')[0]; x.parentNode.insertBefore(s, x);}bm_website_code = '3CBA71AF7B7E4145';jQuery(document).ready(function(){async_load('asset.pagefair.com/measure.min.js')});jQuery(document).ready(function(){async_load('asset.pagefair.net/ads.min.js')});
})();
</script></head>
<body>
<span id="blank-element" style="display: none"></span><div id="topbar" align="center">
<a href="https://www.hackthissite.org" id="active">HackThisSite</a> - <a href="irc://irc.hackthissite.org:+7000/">IRC</a> - <a href="https://www.hackthissite.org/forums">Forums</a> - <a href="http://radio.hackthissite.org">Radio</a> - <a href="http://hts.io/x/http://www.cafepress.com/htsstore" target="_new">Store</a> - <a href="http://hts.io" target="_new">URL Shortener</a>   ---   <a href="http://hts.io/x/https://www.facebook.com/hackthissite" target="_new">Like Us</a> - <a href="http://hts.io/x/https://twitter.com/#!/hackthissite" target="_new">Follow Us</a></div>
<div class="hts-header">
<a href="/"><img src="https://data.htscdn.org/themes/Dark/images/header.jpg" alt="Hack This Site" border="0" /></a>
<br />
<a href="https://www.hackthissite.org/81B6jjN6173zd07H0C44eZLN50uzPfb16498l855DJkd2cT7j3HQbhQnVkg0AM62g8nmf68rqY2jFL5sEh452xOf4B" target="_blank"><img src="https://www.hackthissite.org/iJW6z8Pl520u1Ka0nB93NG16Io3td3DZ0T6LkF8AQ3Kx079NtXOse0wsKObUTOI5I9AeNl38kTABdFYxX25bnL3yz7vpzegSlr16F5jQkozptt8cCpT5gDaGaB3npv0HupQkPFXFz0DEn8" alt="Cybrary - Free Online IT & Cyber Security Training" id="atimg" class="abstaimg" title="Cybrary - Free Online IT & Cyber Security Training" border="0" /></a><br />[<a href="https://www.hackthissite.org/advertise/">Advertise With HackThisSite.org</a>]</div><table width="780" border="0" cellpadding="0" cellspacing="0" class="siteheader cmTable"><tr><td class="sitetopheader"><blockquote>When they discover the center of the universe, a lot of people will be disappointed to discover they are not it.</blockquote></td></tr><tr><td><table width="100%"  border="0" cellspacing="0" cellpadding="0"><tr><td width="160" valign="top" class="navbar"><div align="center"><br /><div style="margin-right: 7px; border: 3px double #555555; background-color: #006600; font-weight: bold">
<img src="https://data.htscdn.org/images/lock.png" style="float: left; margin: 4px 0 0 5px">
You are browsing HackThisSite over SSL
</div>
<br />    <div>Hello, <a href="/user/view/chengdazhi/">chengdazhi</a><br /><a href="/user/edit/2032921/">Settings</a> - <a href="/?logout&nce=Cxn4sGjrEC3wGFWVbMzCR4Igwc4KwIbKdmTANuu9h">Logout</a><br /><br /><a class="nav" href="/user/themes/"> Skin Chooser</a><br /><br /><a class="nav" href="http://www.hackthissite.org/forums/ucp.php?i=pm">Private Messages</a><br /><a class="nav" href="/pages/messages/msys/">HTS Messages Center</a><br />You have 0 new messages.<br /></div><h4 class="header">Donate</h4>
<p><a href="https://www.hackthissite.org/donate/"><img src="https://data.htscdn.org/images/donate.png" border="0" title="Donate to HackThisSite.org" alt="Donate to HackThisSite.org" /></a><br />HTS costs up to $300 a month to operate. We <strong>need</strong> your help!
</p>
<h4 class="header">Challenges</h4>
<ul class="navigation"><li><a class="nav" href="/missions/basic/">Basic missions</a></li><li><a class="nav" href="/missions/realistic/">Realistic missions</a></li><li><a class="nav" href="/missions/application/">Application missions</a></li><li><a class="nav" href="/missions/programming/">Programming missions</a></li><li><a class="nav" href="/missions/phonephreaking/">Phonephreaking missions</a></li><li><a class="nav" href="/missions/javascript/">Javascript missions</a></li><li><a class="nav" href="/missions/forensic/">Forensic missions</a></li><li><a class="nav" href="/missions/playit/extbasic/0/">Extbasic missions</a></li><li><a class="nav" href="/missions/playit/stego/0/">Stego missions</a></li><li><a class="nav" href="irc://irc.hackthissite.org/htb">Irc missions</a></li></ul><h4 class="header">Get Informed</h4><ul class="navigation"><li><a class="nav" href="/blogs">Blogs</a></li><li><a class="nav" href="/news">News</a></li><li><a class="nav" href="/pages/articles/article.php">Articles</a></li><li><a class="nav" href="/lectures">Lectures</a></li><li><a class="nav" href="/pages/programs/programs.php">Useful Stuff</a></li><!--<li><a class="nav" href="ebooks">E-books</a></li>--><li><a class="nav" href="http://mirror.hackthissite.org/hackthiszine/">HackThisZine</a></li><li><a class="nav" href=""></a></li></ul><h4 class="header">Get Involved</h4><ul class="navigation"><li><a class="nav" href="/donate"><span class="completed">Donate to HackThisSite!</span></a></li><li><a class="nav" href="http://www.cafepress.com/htsstore">Store</a></li><li><a class="nav" href="/submit/article">Submit Article</a></li><li><a class="nav" href="/pages/bugManagement/index.php">Submit Bug Report</a></li><li><a class="nav" href="/submit/lecture">Submit Lecture</a></li><li><a class="nav" href="/pages/programs/insert.php">Submit Useful Stuff</a></li><!--<li><a class="nav" href="/pages/showsource/loopdeloop.php">We Want You!</a></li>--><li><a class="nav" href=""></a></li></ul><h4 
class="header">Communicate</h4><ul class="navigation"><li><a class="nav" href="/forums">Forums</a></li><li><a class="nav" href="https://www.hackthissite.org/forums/ucp.php?i=pm">Private Messages</a></li><li><a class="nav" href="http://www.irc.hackthissite.org/idlerpg">IRC IdleRPG</a></li><li><a class="nav" href="https://www.hackthissite.org/irc/stats.php">IRC Stats</a></li><li><a class="nav" href="http://qdb.hackthissite.org">IRC Quotes</a></li><li><a class="nav" href="/user/search">Search Users</a></li><li><a class="nav" href="/user/gallery">User Pictures</a></li><li><a class="nav" href="/user/online">Who is Online</a></li><li><a class="nav" href="/user/rankings/">Rankings</a></li><li><a class="nav" href="/pages/irc/irc.php">IRC Chat</a></li><li><a class="nav" href="/pages/irc/reference.php">IRC Command Reference</a></li><li><a class="nav" href=""></a></li></ul><h4 class="header">About HTS</h4><ul class="navigation"><li><a class="nav" href="/info/about">About the Project</a></li><li><a class="nav" href="/info/billofrights">Bill of Rights</a></li><li><a class="nav" href="/info/legal">Legal Disclaimer</a></li><li><a class="nav" href="/info/privacy">Privacy Statements</a></li><li><a class="nav" href="/pages/info/staff">Meet the Staff</a></li><li><a class="nav" href="/info/underthehood">Under the Hood</a></li><li><a class="nav" href="/advertise">Advertise with HTS</a></li><li><a class="nav" href="/ipv6">IPv6</a></li><li><a class="nav" href="/hof">Hall of Fame</a></li><li><a class="nav" href=""></a></li></ul><h4 class="header"></h4><ul class="navigation"><li><a class="nav" href=""></a></li></ul>
<br />
<a href="/"><img src="https://data.htscdn.org/images/hts_80x15.gif" width="80" height="15" border="0" alt="" />
</a>
<br />
<a class="nav" href="https://www.hackthissite.org/pages/info/linktous.php">Link to us!
</a><h4 class="header">Partners
</h4>
<br />
<a target="_new" href="http://hts.io/x/http://affiliates.mozilla.org/link/banner/8528"><img src="//affiliates.mozilla.org/media/uploads/banners/ac502446d8392cea778bcdaf8b3e07f8958a0216.png" alt="Download Firefox" width="88" />
</a>
<br />
<a class="nav" target="_new" href="http://hts.io/x/http://www.hackbloc.org/"><img src="https://data.htscdn.org/images/linkhb.gif" border="0" alt="Hackbloc" width="88" height="31" />
</a>
<br />
<a class="nav" target="_new" href="http://hts.io/x/http://www.hellboundhackers.org/"><img src="https://data.htscdn.org/images/hbhlogo.jpg" width="88" height="31" border="0" alt="Hellbound Hackers" />
</a>
<br />
<a class="nav" target="_new" href="http://hts.io/x/https://www.netsparker.com/blog"><img src="https://data.htscdn.org/images/netsparker.gif" alt="Netsparker Security Blog" width="88" height="31" border="0" />
</a>
<br />
<a class="nav" target="_new" href="http://hts.io/x/http://www.acunetix.com/blog"><img src="https://data.htscdn.org/images/acunetixblog.gif" alt="Acunetix Security Blog" width="88" height="31" border="0" />
</a>
<br />
<a class="nav" target="_new" href="http://hts.io/x/http://www.buddyns.com">
<img src="https://data.htscdn.org/images/buddyns88x31.png" alt="BuddyNS Secondary DNS" width="88" height="31" border="0" />
</a>
<br /></td><td valign="top" class="sitebuffer"><br /><br /><center><br /><center><b>Level 5</b></center><br /><br />Sam has gotten wise to all the people who wrote their own forms to get the password. Rather than actually learn the password, he decided to make his email program a little more secure.<br /><br /><center><form action="/missions/basic/5/level5.php" method="post"><input type="hidden" name="to" value="sam@hackthissite.org" /><input type="submit" value="Send password to Sam" /></form></center><br /><br /><center><b>Password:</b><br /><form action="/missions/basic/5/index.php" method="post"><input type="password" name="password" /><br /><br /><input type="submit" value="submit" /></form>
</td></tr></table></td></tr><tr><td class="sitebottomheader"><img src="https://data.htscdn.org/themes/Dark/images/hts_bottomheadern.jpg" alt="End Footer" width="780" height="60" /></td></tr></table><br />
<div align="center" style="font-family:Verdana, Arial, Helvetica, sans-serif; font-size:10px; color:#CCCCCC">HackThisSite is is the collective work of the HackThisSite staff, licensed under a <a rel="license" href="http://hts.io/x/http://creativecommons.org/licenses/by-nc/3.0/" target="_new">CC BY-NC</a> license.<br />
We ask that you inform us upon sharing or distributing.<br /><br />
<sub>Page Generated: Mon, 23 Feb 2015 15:17:25 +0000<br />Web Node: www0 | Page Gen: 0.051s | DB: 15q<br />Current Code Revision: <a href="https://www.hackthissite.org/CHANGELOG">v3.2.3(Fri, 27 Jun 2014 20:13:10 +0000)</a></sub><br />
</div>
</div>
<div align="center"><p><a target="_new" href="http://hts.io/x/http://creativecommons.org/licenses/by-nc/3.0/"><img src="https://data.htscdn.org/images/cc_80x15.png" width="80" height="15" border="0" alt="" /></a><a target="_new" href="http://hts.io/x/http://validator.w3.org/check?uri=referer"><img src="https://data.htscdn.org/images/xhtml10.png" width="80" height="15" border="0" alt="" /></a> <a target="_new" href="http://hts.io/x/http://jigsaw.w3.org/css-validator/check/referer"><img src="https://data.htscdn.org/images/css.png" width="80" height="15" border="0" alt="" /></a> <a target="_new" href="http://hts.io/x/http://www.php.net/"> <img src="https://data.htscdn.org/images/phppow.gif" width="80" height="15" border="0" alt="" /></a><!--<a href="http://www.linux.com/"> <img src="../../images/linux2.gif" width="80" height="15" border="0" alt="" /></a>--><a target="_new" href="http://hts.io/x/http://www.freebsd.org/"> <img src="https://data.htscdn.org/images/freebsd.png" width="80" height="15" border="0" alt="" /></a><img src="https://data.htscdn.org/images/counter.php" height="14" border="0" alt="Page View Counter" /></p>
</div>
<a href="http://hackthissite.org/hp.php"><div style="height: 0px; width: 0px;"></div></a><script type="text/javascript">
var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." : "http://www.");
document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E"));
</script>
<script type="text/javascript">
var pageTracker = _gat._getTracker("UA-2391176-1");
pageTracker._initData();
pageTracker._trackPageview();
</script>
<!--[if !(lt IE 8)]><!-->
<script type="text/javascript">var tdwfb_config = {greeting: 'Dear HackThisSite User'};(function(){var e = document.createElement('script'); e.type='text/javascript'; e.async = true;e.src = document.location.protocol + '//d1agz031tafz8n.cloudfront.net/thedaywefightback.js/widget.min.js';var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(e, s);})();
</script>
<!--<![endif]--></body>
</html>

My first idea was to save the page locally, edit the source, and open it in the browser. I had not expected that the server would then answer with "invalid referer", so the server must be filtering on the Referer request header. I won't go into what Referer is in detail; a quick search will tell you.

So I looked at the traffic with a packet-capture tool, and sure enough: the submission from my modified copy was missing the Referer request header, while a submission from the original page was not. This is where JavaScript injection comes in: it lets you change the form without changing anything else about the request. Today a browser's Inspect Element can do the same thing without any injection, but the principle is still worth understanding.

Here is the injection method:

After opening the original page, type the following directly into the browser's address bar:

javascript: alert(document.forms[0].to.value="xxx@xxx.com")

Then press Enter, and the page's form has been modified in place.
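The two observations above (a locally saved copy is rejected for lacking a Referer, while an in-place edit of the hidden field sails through) come down to one point: both the hidden "to" field and the Referer header are supplied by the client. The following is an added example, not code from the original post or from HackThisSite, that models a handler like the one the post infers and puts a hardened handler beside it. The handler names, the CSRF-token check and the session dictionary are assumptions chosen to illustrate the fix; the origin, recipient and replacement address are the values that appear on the page.

```python
"""Added example (not from the original post or from HackThisSite): a minimal
model of the level-5 form handler, showing why a saved copy of the page is
rejected with "invalid referer" and why neither the hidden "to" field nor the
Referer header is something the server can trust."""
from urllib.parse import urlsplit

SITE_ORIGIN = "https://www.hackthissite.org"     # origin the page was served from
EXPECTED_RECIPIENT = "sam@hackthissite.org"     # value carried by the page's hidden field


def referer_is_same_origin(headers):
    """The kind of check the post infers from the 'invalid referer' reply:
    accept only if a Referer header is present and its scheme + host match the
    site. A page opened from disk sends no Referer at all, so it fails here."""
    ref = headers.get("Referer")
    if not ref:
        return False
    parts = urlsplit(ref)
    return f"{parts.scheme}://{parts.netloc}" == SITE_ORIGIN


def trusting_handler(form, headers):
    """Assumed weak behaviour: gate on Referer, then mail to whatever 'to' says.
    An in-page edit of the hidden field (the javascript: line in the post, or
    the browser's element inspector) passes, because the Referer is intact."""
    if not referer_is_same_origin(headers):
        return ("reject", "invalid referer")
    return ("send", form["to"])


def hardened_handler(form, headers, session):
    """Fix (assumed design): the recipient is server-side state and is never
    read from the request. A CSRF token bound to the session replaces the
    Referer check, and the client-supplied 'to' field is ignored entirely."""
    if form.get("csrf_token") != session.get("csrf_token"):
        return ("reject", "bad csrf token")
    # 'to' is deliberately not consulted; headers are not needed either
    return ("send", EXPECTED_RECIPIENT)


# Constructed sample requests (values taken from the page, not captured traffic)
ORIGINAL = {"to": "sam@hackthissite.org"}
MODIFIED = {"to": "xxx@xxx.com"}                 # the value the post changes it to
FROM_SITE = {"Referer": "https://www.hackthissite.org/missions/basic/5/"}
FROM_DISK = {}                                   # file:// copy: browser sends no Referer
SESSION = {"csrf_token": "example-token-not-real"}  # constructed placeholder


def demo():
    """Run the three scenarios the post describes and return the outcomes."""
    with_token = {**MODIFIED, "csrf_token": SESSION["csrf_token"]}
    return {
        "saved_copy": trusting_handler(MODIFIED, FROM_DISK),    # what the author saw first
        "injected": trusting_handler(MODIFIED, FROM_SITE),      # what the javascript: edit achieves
        "hardened": hardened_handler(with_token, FROM_SITE, SESSION),  # edit has no effect
    }


if __name__ == "__main__":
    for name, outcome in demo().items():
        print(name, outcome)
```

The hardened handler is the one a defender should take away: the recipient lives in server configuration, so editing the DOM, the request body or the Referer cannot redirect the mail, and the CSRF token gives a cross-site check that does not depend on a header browsers may legitimately omit.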
