In this post we will take a basic look at Cross Site Scripting. Cross site scripting is also known as XSS, and many times people also abbreviate it as CSS (by the way, CSS means Cascading Style Sheets). XSS is commonly a web application attack and not a web server attack: it occurs in a web application which accepts input without validation and sanitization, giving an attacker the chance to run a malicious script. An XSS vulnerability occurs in a web application because of the dynamic nature of a web page, which is attained with JavaScript, VBScript, ActiveX controls, Flash content and scripts, and sometimes with the help of HTML too. All the scripts and programming languages that are responsible for dynamic content on a web page are also responsible for XSS attacks. An attacker can take advantage of an XSS vulnerability and execute malicious JavaScript, VBScript, ActiveX controls, Flash and HTML.
Most security professionals think XSS is a lame game since it does not provide any help in compromising a remote system, but this is not one hundred percent true. When the circumstances are right you can surely own a system using an XSS attack. Also, how catastrophic the outcome is depends on where a vulnerable application is used and for what purpose. For example, an XSS vulnerability in a bank's web application can lead to serious online theft, or an attacker may want to execute a malicious script on several computers using a social network. So in fact XSS is not at all a lame game compared to SQL injection, command injection and directory traversal attacks.
XSS attacks can be classified into the following two types:
Reflected Attacks
Stored Attacks
An attack where the inserted code is permanently stored on the target server is known as a Stored XSS attack. An attack where the injected code needs a special route to the victim, like an email or a hyperlink, is known as a Reflected XSS attack. XSS attacks execute code with the help of the browser because it supports all scripts and ActiveX controls; also, no matter whether the attack type is reflected or stored, the result of XSS will not differ.
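To make the "input without validation and sanitization" point concrete, here is an added example (not part of the original post) that puts a reflected page and a stored page side by side, each in an unencoded and an output-encoded form. The function names, the in-memory comment store and the sample input are all constructed for illustration.

```javascript
// Added example: constructed handlers, not code from any real application.

// Encode the characters that let text break out of HTML body or
// quoted-attribute context. One pass, so '&' is never double-encoded.
function escapeHtml(text) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return String(text).replace(/[&<>"']/g, (ch) => map[ch]);
}

// Reflected case: the value comes straight from the current request
// (for example a search term in a hyperlink) and is echoed back.
function searchPageVulnerable(query) {
  return '<p>Results for: ' + query + '</p>';             // input reaches HTML unchanged
}
function searchPageHardened(query) {
  return '<p>Results for: ' + escapeHtml(query) + '</p>'; // encoded at output time
}

// Stored case: the value was saved earlier and is served to every visitor.
const commentStore = [];                                  // stands in for a database table
function saveComment(text) { commentStore.push(text); }
function commentsPageVulnerable() {
  return commentStore.map((c) => '<li>' + c + '</li>').join('');
}
function commentsPageHardened() {
  return commentStore.map((c) => '<li>' + escapeHtml(c) + '</li>').join('');
}

// True when the generated page contains a real <script> element.
function containsLiveScript(html) { return /<script\b/i.test(html); }

// Constructed sample input: a harmless script tag used only as a marker.
const sample = '<script>alert(1)</script>';
saveComment(sample);

console.log('reflected, unencoded:', containsLiveScript(searchPageVulnerable(sample)));
console.log('reflected, encoded:  ', containsLiveScript(searchPageHardened(sample)));
console.log('stored, unencoded:   ', containsLiveScript(commentsPageVulnerable()));
console.log('stored, encoded:     ', containsLiveScript(commentsPageHardened()));
```

The same encoder fixes both pages because, as the paragraph above says, the result in the browser does not differ between the two types. This encoding is only correct for HTML body and quoted-attribute positions; values placed inside script blocks or URLs need an encoder for that context.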
Though this was just the basics, in future posts we will cover how some real web application hacking takes place, so for practice you'll need vulnerable applications. Following is a list of vulnerable web applications for practice:
Damn Vulnerable Web Application (DVWA)
Vicnum
BodgeIt Store
WackoPicko
Jarlsberg
You can practice web application hacking on any of these or all of these, but for some reason I suggest you start with Damn Vulnerable Web Application (DVWA). Download it, read how to install it and install it. In the next post we will see a real way to find and exploit an XSS vulnerability. Till then, thanks for reading, have a nice time and keep visiting.
 







 
 
 