White-Box Attack Context 白盒攻击环境
In this case, it is first necessary to "escape" to the free context, and then to append the XSS attack. For example, if the data is injected as a default value of an HTML form field.
在这种情况下,首先必要的是“逃”到自由的环境中,然后附加XSS攻击。
To minimize the amount of damage that can occur if an attack succeeds, choose a security context for your code that grants access only to the resources it needs to get its work done and no more.
若要将因攻击成功而导致的损害降到最低,请为您的代码选择安全上下文,以便只向资源授予其完成工作所必需的访问权限。
It describes an automated attack approach capable to self improve and to track the state context of a target device.
它描述了使用自动攻击的方法及自我改进和跟踪状态的设备和技术。
应用推荐