摘要: 0x00 简要介绍CSRF(Cross-site request forgery)跨站请求伪造,由于目标站无token/referer限制,导致攻击者可以用户的身份完成操作达到各种目的。根据HTTP请求方式,CSRF利用方式可分为两种。0x01 GET类型的CSRF这种类型的CSRF一般是由于程序员... 阅读全文
posted @ 2015-09-11 23:40 iDEAAM 阅读(362) 评论(0) 推荐(0) 编辑
摘要: //Client端调用 static void Main(string[] args) { string publicKey = "DpLMCOihcYI2i6DaMbso9Dzo1miy70G/3+UibTttjLSiJ3cco"; ... 阅读全文
posted @ 2015-09-11 23:10 iDEAAM 阅读(444) 评论(0) 推荐(1) 编辑
摘要: Cookies are not limited only to web browsers. any http-aware client that supports cookies can deal with a cookie sending aSp .net Web api. the followi... 阅读全文
posted @ 2015-09-11 22:49 iDEAAM 阅读(2069) 评论(0) 推荐(0) 编辑
摘要: Method Overriding RESTful services allow the clients to act on the resources through methods such as GET, POST, PUT, DELETE, and so on. GET and POST a... 阅读全文
posted @ 2015-09-11 22:37 iDEAAM 阅读(825) 评论(0) 推荐(0) 编辑