"Cross-Site" means:
Foreign script sent via the server to the client
◦ The attacker "makes" the web server deliver malicious script code
◦ The malicious script is executed in the client's web browser, with the privileges of the vulnerable site's origin
Attack:
◦ Steal access credentials (e.g. session cookies), denial of service, modify (deface) web pages
◦ Execute arbitrary script in the victim's browser in the context of the vulnerable site (not arbitrary commands on the client machine; the browser sandbox still applies)
XSS attacks occur when an attacker uses a web application to
send malicious code, generally in the form of a browser side
script, to a different end user.
Users (actors involved):
* An attacker, a client
* A company's web server (i.e., the web application)
In order to run malicious JavaScript code in a victim’s
browser, an attacker must first find a way to inject a payload
into a web page that the victim visits.
RULE #3 – JavaScript Escape Before Inserting Untrusted Data into JavaScript Data Values
RULE #4 – CSS Escape And Strictly Validate Before Inserting Untrusted Data into HTML Style Property Values
RULE #5 – URL Escape Before Inserting Untrusted Data into HTML URL Parameter Values
RULE #6 – Sanitize HTML Markup with a Library Designed for the Job
RULE #7 – Prevent DOM-based XSS
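The rules above are all instances of one idea: encode untrusted data for the exact context it is inserted into. The following is an added example (not code from the original slides, and not an OWASP library) showing rule #3 (JavaScript data values) and rule #5 (URL parameters) next to the plain HTML-body encoding the other rules build on. The function names, the page template and the payload are constructed for this illustration; it runs under Node.js with no dependencies.

```javascript
// Added example (not from the original slides or OWASP): context-specific
// output encoding for untrusted data. Function names, the template and the
// payload are constructed for illustration. Node.js, no dependencies.

// HTML body and attribute context: neutralise the characters that can open
// or close a tag or terminate an attribute value.
function escapeHtml(s) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#x27;' };
  return String(s).replace(/[&<>"']/g, (c) => map[c]);
}

// Rule #3: inside a quoted JavaScript string literal, encode every character
// that is not a letter or digit as \xHH (or \uHHHH above 0xFF). Because '<'
// and '/' are encoded too, the value can never contain "</script>" and break
// out of the script block, and quotes cannot terminate the literal early.
function escapeJsString(s) {
  return String(s).replace(/[^A-Za-z0-9]/g, (c) => {
    const code = c.charCodeAt(0);
    return code < 0x100
      ? '\\x' + code.toString(16).padStart(2, '0')
      : '\\u' + code.toString(16).padStart(4, '0');
  });
}

// Rule #5: percent-encode a value before placing it in a URL query parameter,
// so it cannot smuggle in extra parameters, a different path or a scheme.
function buildSearchUrl(base, query) {
  return base + '?q=' + encodeURIComponent(query);
}

// A small server-side template that puts the same untrusted string into three
// contexts, each with the encoder that context needs. Note the href: URL-encode
// first (rule #5), then HTML-attribute-encode the whole URL because the URL
// itself sits inside an HTML attribute.
function renderSearchPage(userInput) {
  return [
    '<p>Results for ' + escapeHtml(userInput) + '</p>',
    '<a href="' + escapeHtml(buildSearchUrl('/search', userInput)) + '">search again</a>',
    '<script>var lastQuery = "' + escapeJsString(userInput) + '";</script>',
  ].join('\n');
}

// The same template with no encoding, kept only to show what the attacker gets.
function renderSearchPageUnsafe(userInput) {
  return [
    '<p>Results for ' + userInput + '</p>',
    '<a href="/search?q=' + userInput + '">search again</a>',
    '<script>var lastQuery = "' + userInput + '";</script>',
  ].join('\n');
}

// Constructed payload: closes the page's script block and opens a new one.
const PAYLOAD = '</script><script>alert(1)</script>';

// How many <script> blocks would the browser see in the rendered page?
// The safe template must contain exactly one: its own.
function countScriptTags(html) {
  return html.split('<script>').length - 1;
}

console.log(renderSearchPage(PAYLOAD));
console.log('script tags, unsafe template:', countScriptTags(renderSearchPageUnsafe(PAYLOAD)));
console.log('script tags, safe template:  ', countScriptTags(renderSearchPage(PAYLOAD)));
```

The check worth keeping from this: the unsafe template turns one injected string into three extra script blocks, while the encoded version leaves exactly the template's own script tag, and the `alert(1)` text survives harmlessly as data. In production, use a maintained encoding library for each context rather than hand-written helpers like these.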
There are three types of XSS
They are:
* Stored XSS,
* Reflected XSS and
* DOM-based XSS.
* The most damaging type of XSS is Stored (Persistent) XSS.
* Stored XSS attacks involve an attacker injecting a script that is permanently stored on the target application (for example in a database, a comment field or a visitor log) and is served to every user who later views the affected page.
* In Reflected XSS, the attacker's payload script has to be part of the request which is sent to the web server and is reflected back in such a way that the HTTP response includes the payload from the HTTP request. The victim therefore has to be lured into sending that request, for example by following a crafted link.
* DOM-based XSS is an advanced type of XSS attack which is made possible when the web application's client-side scripts write user-provided data to the Document Object Model (DOM). The most dangerous part of DOM-based XSS is that the attack is often a purely client-side attack: the attacker's payload (for instance in the URL fragment after "#") is never sent to the server, so server-side filters and logs never see it.

* Login to WebGoat and navigate to the Cross Site Scripting (XSS) section. Let us execute a Stored Cross Site Scripting (XSS) attack. Below is the snapshot of the scenario.
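To make the difference between the three types concrete, here is an added example (not part of the original slides) that delivers one payload through each channel and reports two things: whether it ends up in the victim's DOM, and whether the server ever received it. The toy "server", the toy "browser" and the sample payload are all constructed here; nothing touches the network, and every route is deliberately left vulnerable so that only the delivery channel differs. It runs under Node.js with no dependencies.

```javascript
// Added example, not from the original slides: a toy model of one payload
// delivered as stored, reflected and DOM-based XSS. Server, browser and the
// sample payload are constructed here. Node.js, no dependencies.

const SAMPLE_PAYLOAD = '<img src=x onerror=alert(1)>';   // constructed payload

// Toy web application with a comment board, a search page and a welcome page.
function makeServer() {
  const comments = [];     // persistent store shared by all visitors
  const requestLog = [];   // every request line the server actually receives
  return {
    handle(method, target, body) {
      requestLog.push(method + ' ' + decodeURIComponent(target) + (body ? ' ' + body : ''));
      const url = new URL(target, 'http://app.test');
      if (method === 'POST' && url.pathname === '/comment') {
        comments.push(body);                  // saved, shown to later viewers
        return '<p>saved</p>';
      }
      if (url.pathname === '/comments') {
        // Stored XSS: whatever was saved is rendered, unescaped, for everyone.
        return '<ul>' + comments.map((c) => '<li>' + c + '</li>').join('') + '</ul>';
      }
      if (url.pathname === '/search') {
        // Reflected XSS: the query parameter is echoed into this one response.
        return '<p>No results for ' + url.searchParams.get('q') + '</p>';
      }
      if (url.pathname === '/welcome') {
        return '<h1>Welcome</h1><div id="name"></div>';
      }
      return '<p>404</p>';
    },
    // Did the payload ever appear in anything the server received?
    serverSaw(text) {
      return requestLog.some((line) => line.includes(text));
    },
  };
}

// Toy browser: fetch the page, then run the page's own client-side script,
// which copies location.hash into the DOM through an innerHTML-style sink.
// Real browsers never send the fragment after "#" in the HTTP request.
function browse(server, href) {
  const url = new URL(href);
  const html = server.handle('GET', url.pathname + url.search, null);
  const fragment = url.hash ? decodeURIComponent(url.hash.slice(1)) : '';
  // Stand-in for: document.getElementById('name').innerHTML = location.hash.slice(1)
  return fragment ? html + '<div id="name">' + fragment + '</div>' : html;
}

// Deliver the payload through one channel and report where it showed up.
function deliver(kind) {
  const server = makeServer();
  let dom;
  if (kind === 'stored') {
    server.handle('POST', '/comment', SAMPLE_PAYLOAD);     // attacker posts once
    dom = browse(server, 'http://app.test/comments');       // victim merely visits
  } else if (kind === 'reflected') {
    // Victim is lured into following a crafted link carrying the payload.
    dom = browse(server, 'http://app.test/search?q=' + encodeURIComponent(SAMPLE_PAYLOAD));
  } else if (kind === 'dom') {
    // Crafted link again, but the payload lives in the fragment.
    dom = browse(server, 'http://app.test/welcome#' + encodeURIComponent(SAMPLE_PAYLOAD));
  } else {
    throw new Error('unknown XSS kind: ' + kind);
  }
  return {
    kind,
    executesInBrowser: dom.includes(SAMPLE_PAYLOAD),
    serverSawPayload: server.serverSaw(SAMPLE_PAYLOAD),
  };
}

for (const kind of ['stored', 'reflected', 'dom']) console.log(deliver(kind));
```

The result to take away: in the stored and reflected cases the payload both executes in the browser and passes through the server, so a server-side filter, WAF or access log has a chance to catch it; in the DOM-based case it executes just the same but the server never receives it, which is why DOM XSS has to be found by reviewing client-side sinks (`innerHTML`, `document.write`, `eval`, etc.) rather than by inspecting server traffic.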
* Normal users, whose personal data (credit card, bank account) becomes accessible to the attacker