Cross site scripting


The basics of XSS, explained in a simple way that everyone can understand, with demos.

Published in: Technology

  1. BY: KINISH KUMAR (www.kinishcybersec.blogspot.in) https://www.facebook.com/kinishkumar
  2. Cross Site Scripting (XSS) is a type of computer security vulnerability typically found in web applications (such as web browsers through breaches of browser security) that enables attackers to inject client-side script into web pages viewed by other users. XSS is mostly possible on dynamic websites where input is required. There are three types of XSS:
     1. Persistent (stored) XSS: the attack is stored on the website's server.
     2. Non-persistent (reflected) XSS: the user has to go through a special link to be exposed.
     3. DOM-based XSS: the problem exists within the client-side scripts.
  3. The persistent (or stored) XSS vulnerability is a more devastating variant of a cross site scripting flaw; it occurs when the data provided by the attacker is saved by the server, and then permanently displayed on "normal" pages returned to the users in the course of regular browsing without proper HTML escaping. Put simply, persistent XSS occurs when the developer stores user input in a database server, or simply writes it to a file, without proper filtering, and then sends it back to the client browser.
  4. [Figure: diagram with the labels Attacker, Vulnerable Apps (forum, blog, search, etc.), Server, Database, Victim and <html> <script>.]
  5. This figure shows how an attacker executes a malicious script. First, the attacker enters his/her HTML or JavaScript in a search box, forum or blog, and because there is no input filtering the script is saved on the server. When some other user then clicks on this forum or page, the malicious script is executed in the victim's (client) browser. Some example scripts:
     <script>alert("Hello World");</script> This script pops up a box containing the message Hello World.
     <script>alert(document.cookie);</script> This script shows your cookies.
  6. To perform cross site scripting for learning purposes you can set up your own server with a vulnerable app. You can use the XAMPP server and the DVWA application for this purpose; you can download them from: http://www.apachefriends.org/en/xampp-windows.html http://sourceforge.net/projects/dvwa/ I log in to my DVWA (Damn Vulnerable Web Application); the default username is "admin" and the password is "password", without the quotation marks.
  7. When I input a text message it is OK, nothing happens; it shows my message in the box. Let's try some script in this message box.
  8. This time I write stored xss in the name field and <script>alert("hello you are hacked");</script> in the message field, and when I click on the guestbook it pops up a message. Every time any other user clicks on the guestbook or this page he will get the same message, because the input is stored in the server database.
  9. The non-persistent (or reflected) cross site scripting vulnerability is by far the most common type. These holes show up when the data provided by a web client, most commonly in HTTP query parameters or in HTML form submissions, is used immediately by server-side scripts to generate a page of results for that user, without sanitizing the request.
  10. [Figure: diagram with the labels Attacker, Phishing, Victim, Vulnerable Apps (forum, blog, search, etc.), Server, Database, <html> <script>, script and Session id.]
  11. In non-persistent (or reflected) XSS the script is executed in the client browser when it is submitted as input to the forum or database, so this is not a serious problem, but it is also used to steal other users' cookies (session ID and other important info). The attacker sends a message to the client or victim through email (fake mail) in which he writes: "Dear customer, we have noticed some illegal activity in your account. To check whether it is you or someone else, please click this link." The mail is crafted so nicely that the victim falls into the attacker's net; to do this the attacker uses other social engineering techniques to fool victims. When the victim clicks on the link, the script is executed and sends the victim's cookie info to the attacker's website. To do this the attacker uses a PHP script hosted on a web hosting site; when the victim clicks, the victim's cookie info is sent in plain text format to the attacker's website where the PHP script is hosted, and he/she uses it to log in to your website.
  12. You can use either the DVWA or the WebGoat application to test your skills in a realistic scenario; you can download WebGoat from the OWASP website. Here I used the DVWA application for the demonstration. Hack to learn, not learn to hack.
  13. Here I write kinish kumar and then submit, and it displays my name. Next we write a script and see what it displays.
  14. Here I write <script>alert("hello");</script> and it doesn't display the script; it executes it, but it is executed only once. That is the basic difference between persistent and non-persistent XSS.
  15. Here I write a script to display the cookie, i.e. <script>alert(document.cookie);</script>, and it shows the cookies. We can do a lot of things when we get somebody's cookies by applying phishing or social engineering methods.
  16. Some vulnerable websites are: 1. http://www.timesjobs.com/candidate/companySearch.htm 2. http://www.gnomonwatches.com 3. http://www.jouezetgagnez.net/index.php?email= Here I will do reflected XSS on www.gnomonwatches.com because it is vulnerable to cross site scripting, but please don't do that; this is illegal. ALWAYS REMEMBER THIS QUOTE:
  17. DOM-based vulnerabilities occur in the content processing stages performed by the client, typically in client-side JavaScript. The name refers to the standard model for representing HTML or XML contents, which is called the Document Object Model (DOM). JavaScript programs manipulate the state of a web page and populate it with dynamically-computed data primarily by acting upon the DOM.
     OR
     DOM-based Cross-Site Scripting is the de-facto name for XSS bugs which are the result of active browser-side content on a page, typically JavaScript, obtaining user input and then doing something unsafe with it which leads to execution of injected code. This document only discusses JavaScript bugs which lead to XSS. The DOM, or Document Object Model, is the structural format used to represent documents in a browser. The DOM enables dynamic scripts such as JavaScript to reference components of the document such as a form field or a session cookie. The DOM is also used by the browser for security, for example to limit scripts on different domains from obtaining session cookies for other domains. A DOM-based XSS vulnerability may occur when active content, such as a JavaScript function, is modified by a specially crafted request such that a DOM element that can be controlled by an attacker.
  18. Reference: www.infosec4all.tk http://en.wikipedia.org/wiki/Cross-site_scripting https://www.owasp.org/index.php/Cross-site_Scripting_(XSS) I tried my best to explain the basics of cross site scripting; if there is any mistake please comment and give your valuable suggestions.
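
The stored and reflected cases from slides 3 to 15, as an added example that is not part of the original slides: the same guestbook and greeting output rendered once without encoding and once with HTML escaping. The function names, the in-memory "database" and the shape of the pages are assumptions; the sample input is constructed from the alert payloads shown in the slides.

```javascript
// Added example; all names are hypothetical and the input is constructed.
const HTML_ESCAPES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };

// Encode the characters that can open a tag or close a quoted attribute.
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// What the vulnerable page does: echo the value unchanged.
const raw = (value) => String(value);

// Stored case: entries are read back from the "database" (an array here).
function renderGuestbook(entries, encode) {
  return entries
    .map((e) => `<div>Name: ${encode(e.name)}<br>Message: ${encode(e.message)}</div>`)
    .join('\n');
}

// Reflected case: the value comes from this request's query string.
function renderGreeting(queryString, encode) {
  const name = new URLSearchParams(queryString).get('name') || '';
  return `<pre>Hello ${encode(name)}</pre>`;
}

// True when the response would make the browser create a <script> element.
function containsScriptTag(html) {
  return /<script\b/i.test(html);
}

const storedEntries = [
  { name: 'kinish kumar', message: 'hello' },
  { name: 'stored xss', message: '<script>alert("hello you are hacked");</script>' },
];
const reflectedQuery = 'name=' + encodeURIComponent('<script>alert(document.cookie);</script>');

function demo() {
  return {
    storedUnsafe: containsScriptTag(renderGuestbook(storedEntries, raw)),
    storedEscaped: containsScriptTag(renderGuestbook(storedEntries, escapeHtml)),
    reflectedUnsafe: containsScriptTag(renderGreeting(reflectedQuery, raw)),
    reflectedEscaped: containsScriptTag(renderGreeting(reflectedQuery, escapeHtml)),
  };
}

console.log(demo());
```

Escaping is applied at output time, so a payload already saved in the database is rendered as text rather than as markup.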
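
For the DOM-based case in slide 17, an added review aid that is not part of the original slides: a line-based heuristic that flags client-side JavaScript in which a URL-derived value reaches a sink that parses HTML or executes code. The source and sink lists are short and non-exhaustive, the function name is hypothetical, and the scanned snippet is constructed.

```javascript
// Added example; a heuristic for code review, not a full taint analysis.
// Values an attacker can influence through the URL or referrer.
const SOURCE = /\b(?:location\.(?:hash|search|href)|document\.(?:URL|referrer))\b/;
// Properties and functions that parse their argument as HTML or run it as code.
const SINK = /\b(?:innerHTML|outerHTML|insertAdjacentHTML|document\.write(?:ln)?|eval)\b/;

function findDomXssCandidates(code) {
  const tainted = new Set();   // variables assigned from a source (or from another tainted variable)
  const findings = [];
  code.split('\n').forEach((line, index) => {
    const usesTaint =
      SOURCE.test(line) ||
      [...tainted].some((name) => new RegExp(`\\b${name}\\b`).test(line));
    // Track simple declarations such as: const x = location.hash;
    const decl = line.match(/^\s*(?:const|let|var)\s+([A-Za-z_]\w*)\s*=/);
    if (decl && usesTaint) tainted.add(decl[1]);
    if (usesTaint && SINK.test(line)) {
      findings.push({ line: index + 1, text: line.trim() });
    }
  });
  return findings;
}

// Constructed client-side snippet: line 2 is the unsafe pattern, line 3 the safe one.
const sampleScript = [
  'const name = decodeURIComponent(location.hash.slice(1));',
  'document.getElementById("greeting").innerHTML = "Hello " + name;',
  'document.getElementById("safe").textContent = "Hello " + name;',
  'document.write("<p>static text</p>");',
].join('\n');

console.log(findDomXssCandidates(sampleScript));
```

Only line 2 is reported: textContent treats the value as text, and the document.write call on line 4 receives no URL-derived data.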
