Download as PDF, PPTX
Uploaded byn|u - The Open Security Community
Cross site scripting
Cross Site Scripting (XSS) is a type of injection attack where malicious scripts are injected into otherwise benign and trusted websites. XSS has been a top web application vulnerability since 1996. There are three main types of XSS attacks: reflected XSS, stored XSS, and DOM-based XSS. Reflected XSS occurs when malicious scripts come from URLs, while stored XSS happens when scripts are stored on websites. XSS can be used to steal cookies and sessions, redirect users, alter website contents, and damage an organization's reputation. Developers can prevent XSS through input validation, output encoding, and using the HttpOnly flag.
In this document
Powered by AI
Introduction to XSS, categorized as a top web application vulnerability. Key rankings include 2nd in OWASP Top 10 and 8th in WASC Threat Classification.
Risks include session hijacking, reputation damage, redirection, and financial penalties affecting business continuity.
Overview of XSS types: Reflected XSS (non-persistence), Stored XSS (persistence), and DOM-based XSS discussed.
Explains Reflected XSS, a non-persistent attack where the harmful URL comes from user interaction.
Engagement through a demonstration of Reflected XSS.
Stored XSS is a persistent attack where malicious input is stored by the application, affecting users when improperly filtered.
Engagement through a demonstration of Stored XSS.
Detection via Black Box Testing (automated/manual) and White Box Testing (code analysis).
Strategies include encoding and filtering input/output parameters, and implementing whitelisting.
Utilizing HttpOnly flags on cookies to limit JavaScript access and reduce potential damages.
Citations from OWASP, WASC, Wikipedia, and other resources to explore XSS in further detail.
Emphasis on safety and security measures related to web applications.
More Related Content
Cross site scripting
- 1. Cross Site Scripting Badrish Dubey badrish007@gmail.com securetechpoint.blogspot.in
- 2. INTRODUCTION XSS wasfirstly discovered around 1996 and is still in the top ten vulnerability list for the web applications Rated 2nd in OWASP (Open Web Application Security Project) TOP 10 8th in the list of threat classification v2.0 for WASC (Web Application Security Consortium) Grouped under client side ATTACK
- 3. What XSS cando!!!! Stealing cookies, this is also known as Session Hijacking. Redirecting the users to another websites. Displaying completely different contents on your website. Performing port scans of the customer’s internal network, which may lead to a full intrusion attempt. Denting the REPUTATION and GOODWILL of the organization. Can lead Huge PENALITY AMOUNT which can affect the continuity of business
- 4. Different flavors ofXSS 1. Reflected Cross Site Scripting (Non Persistence) 2. Stored Cross Site Scripting (Persistence) 3. DOM based Cross Site Scripting In rest of the presentation we would be talking about the Reflected and Stored Cross site scripting.
- 5. Reflected XSS Reflected XSS,also known as, Non–Persistence XSS or TYPE 1 XSS, is the case of attack that doesn't load with the vulnerable web application but is originated by the victim loading the offending URL. Now lets us see how the Reflected XSS takes place.
- 6.
- 7.
- 8. Stored XSS Stored XSSis also known as Persistence XSS or TYPE 2 XSS. Stored XSS occurs when a web application gathers input from a user which might be malicious, and then stores that input in a data storage for later use. The input, that is stored, is not correctly filtered. As a consequence, the malicious data will appear to be the part of the web site and runs within the user’s browser under the privileges of the web application.
- 9.
- 10.
- 11. How to DETECTXSS 1. BLACK BOX TESTING Using web application scanner (Automated) Manually Testing 2. WHITE BOX TESTING Code analysis
- 12. How to PREVENTXSS 1. Encode output, based on, input parameters 2. Filter input parameters for special characters 3. Filter output, based on, input parameters for special characters 4. White list the Input
- 13. Defense IN-DEAPTH (HttpOnly) •Set the HTTPOnly flag on your session cookie and on any custom cookie that you don’t want to be accessed by any javascript. • When you mark your cookie as HttpOnly, then it is not accessible via javascript. • In case after taking all the measures for XSS, if it still executes, then HttpOnly flag minimizes the damage.
- 14. References • OWASP:- https://www.owasp.org/index.php/Cross-site_Scripting_(XSS) •WASC:- http://projects.webappsec.org/w/page/13246920/Cross%20Site%20Script ing • Wikipedia:- http://en.wikipedia.org/wiki/Cross-site_scripting • CERT Advisory:- http://www.cert.org/advisories/CA-2000-02.html • You can also find this complete article on my blog (http://securetechpoint.blogspot.in/) and also you can get this in haking9 magazine http://hakin9.org/pentesting-with-android-exploiting- software-0612/
- 15. BE SAFE ANDBE SECURE •