
Cross Site Scripting

This document discusses cross-site scripting (XSS) attacks. It defines XSS as an attack where malicious scripts are injected into trusted websites. The document outlines different types of XSS attacks, including reflected, stored, and DOM-based XSS. It provides examples of how each type works and discusses how to prevent XSS vulnerabilities through input validation, encoding, and other techniques. The document concludes by discussing advantages and disadvantages of XSS attacks and future directions in prevention.

Uploaded by

Pooja Yadav

Cross Site Scripting (XSS)
POOJA
Roll no. 7215
Btech [IT] 3rd Year

Why XSS ?
Instead of CSS...

Contents
Introduction
Pie chart
Some points regarding it
Types and working
Examples
Functions
How to prevent
Advantages and disadvantages
Conclusion
Future scope
References

Introduction

XSS was first discovered around 1996 and is still in the top ten
vulnerability list for web applications.
XSS is one of the most common application-layer web attacks,
in which attackers try to inject malicious scripts to perform malicious
actions on trusted websites.
In XSS, malicious code executes on the browser side and affects users.
Most major websites like Google, Yahoo and Facebook have all been
affected by XSS flaws:

- Steal cookies
  # Hijack of user's session
  # Unauthorized access
- Run malicious code
- Modify content of the web page
  # Inserting words or images
  # Misinform
  # Bad reputation

[Pie chart: In 2011, by WHID]

Most websites have numerous injection points, such as:
-search fields,
-feedback forms,
-URL headers,
-and other input fields.

Most common purpose:
-to gather cookie data (as cookies are commonly and regularly used incorrectly to store information such as session IDs),
-user preferences or login information,
-IP address.

Attacks work by injecting code,
-usually a client-side script such as JavaScript, into a web application's output.
-code: JavaScript, VBScript, ActiveX, HTML, or Flash

Types & Working: Non-Persistent (Reflected) XSS

Most common form of XSS.
Occurs when an attacker injects browser-executable code within a single HTTP response.
Easiest to exploit.
Typically delivered by email or a neutral website.
In this type, the injected code is sent to the server via an HTTP request (POST, GET).

Example: site search engine.

http://test.searchengine.com/search.php?q=%3Cscript%3Ealert%28%91This%20is%20an%20XSS%20Vulnerability%92%29%3C%2Fscript%3E

<script type="text/javascript">
alert('This is an XSS Vulnerability')
</script>

[Diagram: User and Server]

1. User logs in.
2. Attacker gives malicious URL to user.
3. User requests attacker's URL.
4. Server responds with attacker's JavaScript.
5. Attacker's JavaScript executes in user's browser & attacker gets hold of desired information.
6. Attacker gets control.

Persistent (Stored) XSS

Most damaging form of XSS.
This attack occurs when the malicious code submitted by the attacker is
saved by the server in the database, and then permanently runs
in the normal page.
It is stored on the server, then runs when a user navigates to it.
Does not require tricking a user.
Activated by regular net use.
Example: posting of a message.

[Diagram: Attacker, User and Server]

1. Attacker posts some malicious code in his blog using JavaScript.
2. User logs in.
3. User views attacker's blog.
4. Server responds with attacker's JavaScript, which executes in user's browser.
5. User's browser executes the message, which is JavaScript code.
6. Attacker gets control and hijacks the session using appropriate code.

Local (DOM) XSS

A subclass of reflected XSS.
Performed on the client side.
Mainly deals with JavaScript.
Vulnerability that appears in the DOM instead of in part of the HTML.
It can only be observed at runtime or by investigating the DOM of the page.

[Diagram: User and Server]

1. User logs in.
2. Attacker feeds crafted URL to user.
3. User requests attacker's URL.
4. Server responds with page containing hardcoded JavaScript.
5. Attacker's URL is processed by the JavaScript, executing the attack, and the attacker through JavaScript can get hold of user's session.
6. Attacker hijacks user's session.

How to prevent?
Escaping

Client side
-Disable JS
-Verify email
-Always update

Server side
-Input validation (black listing vs white listing)
-Encode all meta characters sent to the client
-Keep track of user sessions
-Web application firewall

NOTE: Anti-virus cannot stop XSS attacks.
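
The server-side measures above (white-list input validation and encoding of meta characters), applied to the search.php?q= example from the reflected XSS slide. This is an added example, not part of the original slides; the function names, the allow-list pattern and the sample inputs are assumptions made for illustration.

```javascript
// Added example: server-side handling of the search parameter "q".
// All names and the allow-list pattern below are illustrative assumptions.

// Based on the page's example URL after URL decoding (quotes normalised).
const PAGE_PAYLOAD = "<script>alert('This is an XSS Vulnerability')</script>";

// Encode every HTML meta character before it is sent to the client.
const HTML_ENTITIES = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#x27;" };
function encodeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ENTITIES[ch]);
}

// Black listing: strip a known-bad token. Brittle, shown only for contrast.
function blacklistFilter(value) {
  return String(value).replace(/<script>/g, "").replace(/<\/script>/g, "");
}

// White listing: accept only what a search term is expected to look like.
const SEARCH_TERM = /^[\p{L}\p{N} ._-]{1,64}$/u;
function isAllowedSearchTerm(value) {
  return typeof value === "string" && SEARCH_TERM.test(value);
}

// Vulnerable: reflects the raw query into the response body.
function renderResultsUnsafe(q) {
  return "<p>Results for: " + q + "</p>";
}

// Hardened: validate against the allow-list, then encode on output anyway.
function renderResultsSafe(q) {
  if (!isAllowedSearchTerm(q)) {
    return "<p>Invalid search term.</p>";
  }
  return "<p>Results for: " + encodeHtml(q) + "</p>";
}

// Constructed sample inputs: a normal query, the page's payload, and the
// same payload with upper-case tags, which the black list does not match.
const samples = ["xss tutorial", PAGE_PAYLOAD, PAGE_PAYLOAD.replace(/script/g, "SCRIPT")];
for (const q of samples) {
  console.log(JSON.stringify({
    q,
    unsafe: renderResultsUnsafe(q),
    blacklisted: blacklistFilter(q),
    safe: renderResultsSafe(q),
  }));
}
```

The black list leaves the upper-case variant untouched, while the allow-list rejects both payloads and the encoder turns their meta characters into inert entities.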

Advantages:

Microsoft Anti-XSS library makes handling that much easier and abstract.
Stolen session cookie may expire before it is used.
Never makes a direct request to our server.

Disadvantages:

We cannot log his IP; it is harder to trace.
XSS is a serious problem that can allow identity theft and financial loss.
XSS, by its nature, is highly complex.
Time consuming.

Conclusion
Although user scripts seem to be reasonably safe, always
investigate their code before using them.
By now you should be aware that any sort of data that can land
on your web page from an external source has the potential of
being infected with a malicious script, but in what form does
the data come?

<script>, <body>, <img>, <input>, <table>, <link> etc.

Future Scope: The future of XSS attacks is very limited or non-existent if the CSP in Firefox is implemented correctly
on any website in the world.
We will see how other browser vendors will also act
with CSP.

As the methods_name(), tags are invalidated by the
web application (not done on IE browser),

In 2012, some holes were found in CSP, so the future of
XSS is not in the dark.


Beware of

ATTACKERS

Thank You
