[Java] System vulnerability: Precautions for user operations after logging in

高洛峰
Release: 2016-10-13 12:50:53
Original
1616 people have browsed it

Project background:

SpringMVC + Mybatis + MySql database (javaWeb project development)

Related modules: login, personal details modification, order details query

Related vulnerability introduction:

 1. Login verification code: Login verification The code must be verified in the background. If the verification code is only verified in the front desk but not verified in the background, it may happen that after the verification code is verified for the first time, tools are used to bypass the verification code for brute force cracking;

  2. Interceptor: To verify After logging in, the interface name for personal information operations must be intercepted using /user or /admin. If the user is not logged in, it will automatically jump to the login page;

  3. Modification of personal details: The user's information must be stored in the session. , such as the user's id. When modifying personal information in this way, if it is a password-free interface (that is, no password is required to modify information), when modifying account information, be sure not to directly pass the user's id as a unique identifier. Use the user's When providing critical information, you can obtain the information of the currently logged-in user from the session to prevent a user with account 3000001 from modifying the personal information of a user with account 3000002 after logging in;

  4. Order details interface: If you are querying the user's order details, If you query only through the order ID, even if /user is added to the interface name and users who are not logged in are intercepted, it is possible that other users can query the details of orders other than their own after logging in. In this case, before querying the order details, you must verify that the order is the personal order of the currently logged in user, that is, verify that the ID in the session is consistent with the ID of the creator of the order; to prevent information leakage;

(Note: The above vulnerabilities have actually happened. I am posting this in the hope that other newbies will learn from it and also hope to share with more people the problems encountered during development)


source:php.cn
Statement of this Website
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Latest Downloads
More>
Web Effects
Website Source Code
Website Materials
Front End Template
About us Disclaimer Sitemap
php.cn:Public welfare online PHP training,Help PHP learners grow quickly!