What is XSS?
XSS is one of the popular vulnerabilities (mainly in web applications). It allows malicious users to inject arbitrary code into web pages, which then infects the other users (victims) who view them. The term ‘cross site script’ means a foreign (attacker’s) arbitrary script sent via the server to the client’s browser.
TYPES OF XSS
- Type 0 (DOM based XSS)
- Type 1 (Reflected XSS)
- Type 2 (Persistent XSS)
TYPE 1-XSS
This loophole occurs when user input data is used by server-side scripts to generate a page of results for that user.
CAUSE: Input not sanitized / HTML encoding not taken care of.
A classic example of this is in site search engines and some other text fields.
DEMO: POST method: “> HACKER
TYPE 2-XSS
The input data provided by the attacker gets stored on the server side and is then permanently displayed on normal pages returned to other users in the course of regular browsing, without proper HTML escaping (escaping of special characters).
CAUSE: Arbitrary input script gets stored on the server side. Highly critical.
DEMO: POST method: “> alert(“Hacker”)
IMPACT OF XSS
Who is gonna suffer?
- CLIENT: The client trusts the server and will not know that the browser is executing a malicious script.
- Vendors (where the server is hosted): the public image of the company that owns the product or web apps is affected.
How to protect against XSS?
Input sanitization/validation
- Parameters passed via the GET and POST methods.
- User agent and domain data in the cookie need to be validated.
HTML encoding
- When input data is used to generate output pages or URLs, the input data should be HTML encoded.
User defined functions and Firewalls
- Developers can create a function that escapes or replaces the special malicious characters.
- Web application firewalls can be used.
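The HTML encoding step and the user-defined escaping function described above, shown next to the unencoded Type 1 search-page case. This is an added example, not code from the original slides; the function names and the search page markup are hypothetical, and the sample input is constructed.

```javascript
// Added example: output encoding for the two contexts the slides name
// (generated HTML pages and URLs). All function names are hypothetical.

const HTML_ENTITIES = {
  "&": "&amp;",
  "<": "&lt;",
  ">": "&gt;",
  '"': "&quot;",
  "'": "&#39;",
};

// Encode text for an HTML element body or a quoted attribute value.
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ENTITIES[ch]);
}

// Vulnerable: the search term is copied into the page as-is (the Type 1 cause).
function renderSearchUnsafe(term) {
  return `<input name="q" value="${term}"><p>Results for ${term}</p>`;
}

// Hardened: encode at output time, once per context.
function renderSearchSafe(term) {
  const html = escapeHtml(term);
  // URL context first (percent-encoding), then HTML-encode the attribute value.
  const url = escapeHtml("/search?q=" + encodeURIComponent(term));
  return `<input name="q" value="${html}"><p>Results for ${html}</p>` +
         `<a href="${url}">permalink</a>`;
}

// Constructed sample input, modelled on the demo string in the slides.
const sample = '"><script>alert("Hacker")</script>';
console.log(renderSearchUnsafe(sample)); // markup breaks out of the attribute
console.log(renderSearchSafe(sample));   // input is rendered as inert text
```

This encoding covers element bodies and quoted attribute values only; input placed inside a script block, an event handler or an unquoted attribute needs encoding specific to that context.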
DON’T LEARN TO HACK……! HACK TO LEARN…..!! :P THANK YOU