Downloaded 337 times
Uploaded bykinish kumar
Cross site scripting
Cross Site Scripting (XSS) is a type of vulnerability that allows attackers to inject client-side scripts into web pages viewed by other users. There are three main types: persistent XSS saves the attack script on the server; reflected XSS executes a script based on user-supplied input; and DOM-based XSS occurs when active browser content processes untrusted user input. Attackers use XSS to steal session cookies or other private information that can be used to impersonate users.
In this document
Powered by AI
Discusses Cross Site Scripting (XSS) vulnerabilities in web apps. Types: Persistent, Non-Persistent, DOM-based.
Explains persistent XSS vulnerabilities, how data is stored on servers, and potential attack scenarios.
Guidance on how to set up a vulnerable application using XAMPP and DVWA for educational purposes.
Shows how to test stored XSS by injecting scripts into inputs, resulting in pop-up messages for users.
Describes non-persistent (reflected) XSS, methods of execution, and how attackers can steal user cookies.
Encouragement to use DVWA or WebGoat for hands-on testing and understanding vulnerabilities.
Illustrates results of non-persistent XSS and cookie access through script execution and behavior differences.
Lists vulnerable websites and notes the illegal nature of exploiting these weaknesses.
Explain DOM-based XSS, how it occurs in client-side JavaScript, and its implications.
Provides resources for further reading and study on Cross-Site Scripting (XSS) vulnerabilities.
More Related Content
Similar to Cross site scripting
Cross site scripting
- 1. BY:- KINISH KUMAR(www.kinishcybersec.blogspot.in) https://www.facebook.com/kinishkumar
- 2. Cross Site Scripting(XSS) is a type of computer insecurity vulnerability typically found in web applications(such as web browsers through breaches of browser security) that enables attackers to inject client-side script into web pages viewed by the other users. Xss is mostly possible on dynamic website where input is require . There are three types of XSS:- 1.Persistent (stored) XSS Attack is stored on the website’s server. 2.Non Persistent (reflected) XSS User has to go through a special link to be exposed 3.DOM-based XSS Problem exists within the client side scripts
- 3. The persistent(or stored)XSS vulnerability is a more devasting variant of a cross site scripting flaw; it occurs when the data provided by the attacker is saved by the server, and then permanently displayed on “normal” pages returned to the users in the course of regular browsing without proper HTML escaping. Simply persistent xss is occurs when the developer stores the user input data into database server or simply writing it in a file without a proper filtration, then sending them again to the client browser.
- 4. Vulnerable Apps DATA Forum ,blog ,search etc BASE SERVER <html> <script> <html> <script> VICTIM ATTACKER
- 5. This fig showshow an attacker execute its malicious script .Firstly attacker input his/her html or java script in search , forum or blog and due to no input filtration the script is saved in server then some other user click on this forum or page then the malicious script is executed on the victim or client browser. Some example of scripts:- <script>alert(“Hello World”);</script> This script is used to pop up a box contain message Hello World <script>alert(document.cookie);</script> This script is used to show your cookies
- 6. To perform crosssite scripting for learning purpose you can setup ur own server with a vulnerable apps You can use XAMPP server and DVWA application for this purpose you can download this from:- http://www.apachefriends.org/en/xampp-windows.html http://sourceforge.net/projects/dvwa/ I login in my DVWA (damn vulnerable web application) the default username is “admin” and password is “password” without quotation marks.
- 8. When I inputtext message then its ok nothing happen it show my message in box. lets try some script on this message box
- 9. In this timeI write stored xss in name field and <script>alert(“hello you are hacked”);</script> in message field and when I click on guestbook it pop up a message every time any other user click on the guestbook or this page he will get same message because the input is stored on the server database.
- 10. The non-persistent( orreflected) cross site scripting vulnerability is by far the most common type. These holes show up when the data provided by a web client, most commonly in HTTP query parameters or in HTML form submissions, is used immediately by server-side scripts to generate a page of results for that user, without sanitizing the request.
- 11. Vulnerable Apps DATA Forum ,blog ,search etc BASE SERVER <html> <script> <html> <script> script Session id VICTIM PHISING ATTACKER
- 12. In persistent ofreflected XSS the script is executed when it is input on the forum or database in client browser when it submit it so this is not an serious problem but this is also used to steal other cookies (session id and other important info ) . The attacker send an message to client or victim through email (fake mail) in which he write Dear customer we have notice some illegal activity in ur account to check where it is you or some other please click this link to do that and the mail is crafted so nice the victim is come is on the attacker net to do this attacker used other social engineering techniques to fool the victims. When victim click on ur link the script is executed and send the victim cookies info to attacker website to do this attacker used a php script and host it in web hosting website when victim click the cookies info of victim is send to attacker website where he is host his/her php script in a plain text format he /she used it to login ur website .
- 13. You can eitherused DVWA or WebGoat application to test ur skills like real scenario u can download WebGoat through OWASP website . Here I used DVWA application to demonstration. Hack to learn not learn to hack
- 14. Here I writekinish kumar and then submit then it display my name again we write script and see what it display
- 15. Here I write<script>alert(“hello”);</script> and then it doesn’t display the script it execute it but it executed once that is the basic difference of persistent and non persistent xss.
- 16. Here I writescript to display cookie I.e,<script>alert(doucument.cookie);</script> and it show the cookies and we can do lot of things when we get somebody cookies by apply phishing or social engineering methods.
- 17. Some vulnerable websitesare :- 1. http://www.timesjobs.com/candidate/companySearch.htm 2. http://www.gnomonwatches.com 3.http://www.jouezetgagnez.net/index.php?email= Here I will do reflected xss on www.gnomonwatches.com because it is vulnerable to cross site scripting but please don’t do that this is illegal . ALWAYS REMEMBER THIS QUOTE :-
- 19. DOM-based vulnerabilities occurin the content processing stages performed by the client, typically in client-side JavaScript. The name refers to the standard model for representing HTML or XML contents which is called the Document Object Model (DOM) JavaScript programs manipulate the state of a web page and populate it with dynamically-computed data primarily by acting upon the DOM. OR DOM-based Cross-Site Scripting is the de-facto name for XSS bugs which are the result of active browser-side content on a page, typically JavaScript, obtaining user input and then doing something unsafe with it which leads to execution of injected code. This document only discusses JavaScript bugs which lead to XSS. The DOM, or Document Object Model, is the structural format used to represent documents in a browser. The DOM enables dynamic scripts such as JavaScript to reference components of the document such as a form field or a session cookie. The DOM is also used by the browser for security - for example to limit scripts on different domains from obtaining session cookies for other domains. A DOM-based XSS vulnerability may occur when active content, such as a JavaScript function, is modified by a specially crafted request such that a DOM element that can be controlled by an attacker.
- 20. Reference:- www.infosec4all.tk http://en.wikipedia.org/wiki/Cross- site_scripting https://www.owasp.org/index.php/Cross- site_Scripting_(XSS) I try my best to explain basics of cross site scripting if there is any mistake please comment and give ur valuable suggestions.