cross site scripting

DESCRIPTION

What is XSS (cross site scripting), types, working, etc...

Cross Site Scripting (XSS)
POOJA
Roll no. 7215
Btech [IT] 3rd Year

Why XSS? Instead of CSS...

Contents

- Introduction
- Pie chart
- Some points regarding it
- Types and working
- Examples
- Functions
- How to prevent
- Advantages and disadvantages
- Conclusion
- Future scope
- References

Introduction

XSS was first discovered around 1996 and is still in the top ten vulnerability list for web applications.

XSS is one of the most common application-layer web attacks, in which attackers try to inject malicious scripts to perform malicious actions on trusted websites.

Most major websites like Google, Yahoo and Facebook have all been affected by XSS flaws, which let an attacker:
- Steal cookies
  # Hijack the user's session
  # Unauthorized access
- Run malicious code
- Modify content of the web page
  # Inserting words or images
  # Misinform
  # Bad reputation

In XSS, malicious code executes on the browser side and affects users.

In 2011, by WHID (pie chart)

Most websites have numerous injection points, such as:
- search fields,
- feedback forms,
- URL headers,
- and other input fields.

Most common purpose: to gather
- cookie data (as cookies are commonly and regularly used incorrectly to store information such as session IDs),
- user preferences or login information,
- IP address.

Attacks work by injecting code, usually a client-side script such as JavaScript, into a web application's output.
- Code: JavaScript, VBScript, ActiveX, HTML, or Flash

Types & Working :-

Non-Persistent (Reflected) XSS
- Most common form of XSS.
- Occurs when an attacker injects browser-executable code within a single HTTP response.
- Easiest to exploit.
- Typically delivered by email or a neutral website.
- In this type, the injected code is sent to the server via an HTTP request (POST, GET).

Example: site search engine.

<script>alert('This is an XSS Vulnerability')</script>

http://test.searchengine.com/search.php?q=%3Cscript%3Ealert%28%91This%20is%20an%20XSS%20Vulnerability%92%29%3C%2Fscript%3E

1. User logs in.

2. Attacker gives malicious URL to user.

3. User requests attacker's URL.

4. Server responds with attacker's JavaScript.

5. Attacker's JavaScript executes in the user's browser and the attacker gets hold of the desired information.

6. Attacker gets control.

(Diagram labels: User, Server)

Persistent (Stored) XSS
- Most damaging form of XSS.
- This attack occurs when the malicious code submitted by the attacker is saved by the server in the database, and is then permanently run in the normal page.
- It is stored on the server, then run when a user navigates to it.
- Does not require tricking a user.
- Activated by regular net use.
- Example: in posting of a message.

1. Attacker posts some malicious code using JavaScript in his blog.

2. User logs in.

3. User views attacker's blog.

4. Server responds with attacker's JavaScript, which executes in the user's browser.

5. User's browser executes the browser message, which is JavaScript code.

6. Attacker gets control and hijacks the session using appropriate code.

(Diagram labels: Attacker, User, Server)

Local (DOM) XSS
- A subclass of reflected XSS.
- Performed on the client side.
- Mainly deals with JavaScript.
- Vulnerability that appears in the DOM instead of part of the HTML.
- It can only be observed at runtime or by investigating the DOM of the page.

1. User logs in.

2. Attacker feeds crafted URL to user.

3. User requests attacker's URL.

4. Server responds with page containing hardcoded JavaScript.

5. Attacker's URL is processed by JavaScript, executing the attack, and the attacker can get hold of the user's session through JavaScript.

6. Attacker hijacks user's session.

(Diagram labels: User, Server)

How to prevent?

Client side
- Disable JS
- Verify email
- Always update

Server side
- Input validation (black listing vs white listing)
- Encode all meta characters sent to the client
- Keep track of user sessions
- Web application firewall

NOTE: Anti-virus cannot stop an XSS attack.

Escaping
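Two of the server-side measures listed above, applied to the site search example from the reflected XSS slide. This is an added example, not part of the original slides; the function names, the allowed-character set and the sample requests are assumptions constructed for illustration.

```javascript
// Added example: the slide's search page rendered without and with output
// encoding. All function names here are hypothetical.

// HTML metacharacters and the entities that neutralise them in element
// content and in quoted attribute values.
const HTML_ENTITIES = {
  '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;',
};

function encodeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ENTITIES[ch]);
}

// Extract the q parameter the way a search handler would.
function queryFrom(requestUrl) {
  return new URL(requestUrl).searchParams.get('q') ?? '';
}

// Before: q is copied into the response as-is, so any markup in q becomes
// part of the page the browser parses.
function renderSearchVulnerable(requestUrl) {
  return `<h1>Results for ${queryFrom(requestUrl)}</h1>`;
}

// After: every metacharacter is encoded at the point of output, so the
// browser displays q as text.
function renderSearchEncoded(requestUrl) {
  return `<h1>Results for ${encodeHtml(queryFrom(requestUrl))}</h1>`;
}

// White-list input validation as a second layer: accept only the characters
// a search term is assumed to need (letters, digits, space, '-' and '_').
function isAllowedQuery(q) {
  return /^[\p{L}\p{N} _-]{1,100}$/u.test(q);
}

// Constructed sample requests, same shape as the slide's search.php URL.
const benign = 'http://test.searchengine.com/search.php?q=cross+site+scripting';
const hostile = 'http://test.searchengine.com/search.php?q=' +
  '%3Cscript%3Ealert%28%27This%20is%20an%20XSS%20Vulnerability%27%29%3C%2Fscript%3E';

for (const url of [benign, hostile]) {
  console.log('allowed by white list:', isAllowedQuery(queryFrom(url)));
  console.log('unencoded:', renderSearchVulnerable(url));
  console.log('encoded:  ', renderSearchEncoded(url));
}
```

Encoding happens at output, so it still protects the page when a value reaches it by a route that skipped the white-list check.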

Advantages :-
- Microsoft Anti-XSS library makes handling that much easier and abstract.
- Stolen session cookie may expire before it's used.
- Never makes a direct request to our server.
- We cannot log his IP, it is harder to trace.

Disadvantages :-
- XSS is a serious problem that can allow identity theft and financial loss.
- XSS, by its nature, is highly complex.
- Time consuming.

Conclusion

Although user scripts seem to be reasonably safe, always investigate their code before using them.

By now you should be aware that any sort of data that can land on your web page from an external source has the potential of being infected with a malicious script, but in what form does the data come? , , , , , etc.

Future Scope :-

The future of XSS attacks is very limited or non-existent if the CSP in Firefox is implemented correctly on any website in the world. We will see how other browser vendors will act with CSP. As the methods_name(), tags are invalidated by the web application (not done on IE browser). In 2012, some holes were found in CSP, so the future of XSS is not in the dark.

Beware of ATTACKERS

Thank You