


Detailed explanation of DoS attack analysis and defense of 12 lines of JS code
A 12-line piece of JavaScript can crash the Firefox, Chrome and Safari browsers, and can also make an iPhone restart and Android crash. This article analyzes and interprets those 12 lines, proposes corresponding defenses, and invites everyone to discuss them. For background, see the earlier article on the same code: How do these 12 lines of code make the browser explode?
Ajax and pjax
Ajax ("Asynchronous JavaScript And XML") is a technique for building fast, dynamic web pages. By exchanging small amounts of data with the server in the background, Ajax lets a page update asynchronously, so parts of a page can be refreshed without reloading the whole page.
However, Ajax applications also bring problems of their own: because the page never navigates, the browser's back and forward buttons stop working as the user expects. This is a troublesome problem, and developers have to take on extra work (a hidden iframe, changing the location.hash value, and similar tricks) to work around it.
To solve the problems of traditional Ajax, HTML5 introduced a new API: history.pushState. Combined with Ajax it goes by a new name, pjax, a technique built on Ajax + history.pushState. It can change the content of the page without refreshing while also changing the page's URL. pjax is a wrapper around Ajax + pushState and supports extras such as local storage and animation; versions currently exist for jquery, qwrap, kissy and others.
HTML5 history.pushState
HTML5 lets a page manipulate the browser history through the pushState and replaceState interfaces and change the URL of the current page.
pushState adds the specified URL to the browser history as a new history point; replaceState replaces the current URL with the specified URL. Both work together with the window.onpopstate event.
history.pushState(data, title, url): adds a record to the top of the history stack. data is passed as a parameter when the onpopstate event fires; title is the page title, which all current browsers ignore; url is the page address, optional, defaulting to the current page address. In detail:
state (the first parameter): a JavaScript state object, an extra object attached to the history point, which may be empty. It is associated with the new history entry created by pushState() and is used to store information about the entry being inserted into the history.
title: browsers generally ignore this parameter, although it may be used in the future. The safest choice today is to pass an empty string to stay compatible with future changes, or a short title describing the state.
URL: the URL of the new history entry. The new URL must be in the same domain as the existing URL, otherwise pushState() throws an exception. This parameter is optional; if omitted, it is set to the document's current URL.
Twelve lines of code analysis
The screenshot above shows the twelve lines of code. The key point is the loop that uses the accumulated string total as the URL: history.pushState(0,0,total). Modifying the URL over and over, looping 1,000,000 times and pushing a new record onto the history stack on every iteration drives CPU and memory usage up, crashes Firefox, Chrome and Safari, and also causes the iPhone to restart.
Analysis results
Measured by hand on an XP virtual machine (i7, single core at 3.4 GHz, 512 MB of memory):
With the loop count at 100,000 or above, CPU and memory usage jump to 100% instantly, and the browser then crashes and freezes;
With the loop count reduced to about 10,000, CPU and memory usage climb gradually to 100% within about 20 seconds, and the browser then crashes;
With the loop count reduced to about 500, CPU usage climbs gradually to 100% and then instantly returns to a stable state, while memory usage rises from about 130M to about 230M. After opening the 192.168.56.106/12.html page, the link in the address bar also changes to: 192.168.56.106/0123456789101112131415161718192021...494495496497498499
So while the loop keeps pushing records onto the history stack, the page is also switched to the new address, a "pseudo address" that grows longer on every iteration. Once that length exceeds the browser's limit, the result is a DoS. The effect and efficiency of the attack depend entirely on the loop count and the target's hardware configuration.
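As an added, defensive illustration (not code from the original article), the wrapper below shows the kind of guard a page, extension or user script can place in front of the History API: it caps how many pushState/replaceState calls are honoured per time window and rejects URLs above a length limit, so an accumulating "pseudo address" loop like the one analyzed above stops growing the history stack. The history object and the clock are injected, so the example runs under Node against a constructed stand-in for window.history; installHistoryGuard, makeFakeHistory and simulateAccumulatingLoop are names chosen for this example.

```javascript
const DEFAULTS = { maxUrlLength: 2048, maxCallsPerWindow: 50, windowMs: 1000 };

// Wraps pushState/replaceState on a history-like object. Calls beyond the
// per-window rate or the URL length cap are dropped instead of growing the
// history stack. `now` is injectable so the logic can be tested without a browser.
function installHistoryGuard(hist, options = {}, now = () => Date.now()) {
  const cfg = { ...DEFAULTS, ...options };
  const stats = { allowed: 0, rateBlocked: 0, lengthBlocked: 0 };
  let windowStart = now(), callsInWindow = 0;
  function guard(original) {
    return function (state, title, url) {
      const t = now();
      if (t - windowStart >= cfg.windowMs) { windowStart = t; callsInWindow = 0; }
      if (++callsInWindow > cfg.maxCallsPerWindow) { stats.rateBlocked++; return; }
      if (url != null && String(url).length > cfg.maxUrlLength) { stats.lengthBlocked++; return; }
      stats.allowed++;
      return original.call(hist, state, title, url);
    };
  }
  hist.pushState = guard(hist.pushState);
  hist.replaceState = guard(hist.replaceState);
  return stats;
}

// Constructed stand-in for window.history so the example runs under Node.
function makeFakeHistory() {
  const entries = [];
  return {
    entries,
    pushState(state, title, url) { entries.push(url); },
    replaceState(state, title, url) { entries[Math.max(entries.length - 1, 0)] = url; },
  };
}

// Drives the guarded fake history with the article's loop shape (a URL that grows
// by one counter value per iteration); msPerCall advances the simulated clock.
function simulateAccumulatingLoop(iterations, options, msPerCall = 0) {
  const hist = makeFakeHistory();
  let clock = 0;
  const stats = installHistoryGuard(hist, options, () => clock);
  let total = '';
  for (let i = 0; i < iterations; i++) {
    total += String(i);
    hist.pushState(0, 0, total);
    clock += msPerCall;
  }
  return { entries: hist.entries.length, ...stats, lastUrlLength: total.length };
}
```

With a 100-character URL cap only the first 55 of 500 iterations reach the history stack (the concatenated counter passes 100 characters at i = 55), and with the rate cap alone a burst inside one window is cut off at maxCallsPerWindow entries.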
Relevant Defense
I believe everyone's security awareness is already strong, but the alarm still needs sounding: do not trust links, attachments, emails, pictures or other material sent to you by strangers by any channel. Of course, pranks by good (and not-so-good) friends cannot be ruled out either, so remember to press Ctrl+S often; otherwise you will be very depressed when your browser crashes.
The Internet has faced hacker attacks since its birth. Early attacks were more or less about technical experimentation and showing off, but as the global Internet infrastructure grew and the number of connections and users expanded rapidly, the frequency of attacks rose with it. Hacker techniques kept developing, and a black industry chain aimed at illegal financial gain gradually emerged. The technical level of Internet security protection is advancing by leaps and bounds, and attack and defense play out every minute and every second of this Internet era.
The Internet is full of information security threats, and network security protection is seven parts technology and three parts awareness. Relying solely on the products and services of security vendors is far from enough; raising security awareness cannot be ignored.
For example: manage your personal passwords carefully, protect your personal privacy, do not connect to public wifi lightly, do not trust links or files from strangers (or even familiar friends) lightly, pay attention to the security of mobile payments, and do not leave your device "running naked" (without any protection), and so on.
The above is the detailed content of Detailed explanation of DoS attack analysis and defense of 12 lines of JS code. For more information, please follow other related articles on the PHP Chinese website!