java 解決Host頭攻擊漏洞
- 在配置檔案中配置IP和端口号
server:
port: 9099
address: 172.16.64.208
- 配置過濾器,攔截請求
package com.sgcc.springboot_host;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Configuration;
import javax.servlet.*;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
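/**
 * Filter that rejects requests whose {@code Host} header does not match the
 * address and port configured under {@code server.address} and {@code server.port}.
 * <p>
 * Mapped to {@code /*} so every request is checked. A request with a mismatching
 * host is redirected to the warning page on the configured (trusted) host and the
 * filter chain is not continued for it.
 */
@WebFilter(urlPatterns = {"/*"})
@Configuration
public class HostFilter implements Filter {

    /** Warning page a tampered request is redirected to (on the configured host). */
    private static final String WARN_HTML = "/html/warn.html";

    @Value("${server.address}")
    private String ip;

    @Value("${server.port}")
    private String port;

    /**
     * Compares the request's {@code Host} header with the configured {@code ip:port}.
     * On mismatch the client is redirected to the warning page and processing stops;
     * otherwise the remaining chain is invoked.
     *
     * @param servletRequest  incoming request (cast to {@link HttpServletRequest})
     * @param servletResponse outgoing response (cast to {@link HttpServletResponse})
     * @param filterChain     remaining chain, invoked only when the host matches
     * @throws IOException      if sending the redirect or a downstream filter fails
     * @throws ServletException propagated from the downstream chain
     */
    @Override
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse,
                         FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest request = (HttpServletRequest) servletRequest;
        HttpServletResponse response = (HttpServletResponse) servletResponse;

        // Trusted value comes from configuration; the Host header is client-controlled.
        String expectedHost = ip + ":" + port;
        String requestHost = request.getHeader("host");

        // A missing or different Host header means the request was not addressed to this
        // instance as configured (or the header was tampered with). The comparison is an
        // exact match against "ip:port"; clients omit the port for default ports (80/443),
        // so with such a port the configured value would need to match that form — TODO confirm
        // the intended deployment.
        if (!expectedHost.equals(requestHost)) {
            // Build an absolute URL from the CONFIGURED host, never from the request: a
            // relative redirect would be resolved by the browser against the tampered Host.
            String redirectUrl = request.getScheme() + "://" + expectedHost + WARN_HTML;
            response.sendRedirect(redirectUrl);
            // Do not continue the chain: the downstream handler would otherwise still process
            // the tampered request and write to an already-committed response.
            return;
        }

        filterChain.doFilter(servletRequest, servletResponse);
    }
}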
- 用抓包工具測試, 將請求的 Host 頭修改為 www.baidu.com 後, 響應依然是項目自身的響應. Host 處理完成.
寫了一個springboot解決host漏洞的小例子.
https://download.csdn.net/download/qq_35976271/14110225