Cross-Site Scripting
The most prevalent web application risk
What damage can XSS cause?
An attacker can execute scripts in a victim's browser to hijack user sessions, deface websites, insert hostile content, redirect users, hijack the user's browser using malware, etc.
What kind of applications are vulnerable to XSS attacks?
Any application that takes untrusted user data and sends it to a web browser.
WASC revealed that 58% of the applications are vulnerable to XSS.
Types of XSS
1. Reflected XSS
2. Stored XSS
3. DOM based XSS
Terminology
 Active content – Malicious data embedded in user input which should always be text.
 Malicious data – Attacker-embedded JavaScript in user input.
 Injected code – same as malicious data.
 Payload – same as malicious data.
 Script – JavaScript.
 User input – User-supplied data, like a recipient email address.
 Untrusted data – same as user data.
Reflected XSS
Reflected XSS attacks, also known as non-persistent attacks, occur when a malicious script is reflected off a web application into the victim's browser. The script is activated through a link that sends a request to a website with a vulnerability that enables execution of malicious scripts.
Impact of Reflected XSS attacks
If an attacker can control a script that is executed in the victim's browser, then they can typically fully compromise that user. Amongst other things, the attacker can:
 Perform any action within the application that the user can perform.
 View any information that the user is able to view.
 Modify any information that the user is able to modify.
 Initiate interactions with other application users, including malicious attacks, that will appear to originate from the initial victim user.
Stored XSS
• Stored attacks are those where the injected script is permanently stored on the target servers, such as in a database, a message forum, a visitor log, a comment field, etc. The victim then retrieves the malicious script from the server when they request the stored information. Stored XSS is also sometimes referred to as Persistent XSS.
Impact of stored XSS attacks
If an attacker can control a script that is executed in the victim's browser, then they can typically fully compromise that user. The attacker can carry out any of the actions that are applicable to the impact of reflected XSS vulnerabilities.
In terms of exploitability, the key difference between reflected and stored XSS is that a stored XSS vulnerability enables attacks that are self-contained within the application itself. The attacker does not need to find an external way of inducing other users to make a particular request containing their exploit. Rather, the attacker places their exploit into the application itself and simply waits for users to encounter it.
DOM Based XSS
• DOM Based XSS (or as it is called in some texts, “type-0 XSS”) is an XSS attack wherein the attack payload is executed as a result of modifying the DOM “environment” in the victim's browser used by the original client side script, so that the client side code runs in an “unexpected” manner.
Impact of DOM attacks
• DOM XSS can have huge implications for a web application and its users. User accounts can be hijacked, credentials could be stolen, sensitive data could be exfiltrated, and lastly, access to your client computers can be obtained.
How to Prevent Stored and Reflected XSS?
1. Validate input – be very strict
2. Validate output – use untrusted data for display only
3. Eliminate dangerous insertion points
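The three prevention steps above, and the reflected and stored XSS descriptions earlier, come down to the same two controls on the server side: strict input validation and output encoding before untrusted data reaches the browser. The following Node.js snippet is an added example written for this page, not code from the slides; the function names, the e-mail allowlist regex and the sample inputs are all constructed for illustration. It shows the vulnerable concatenation pattern next to its hardened form so the difference is visible in the produced HTML.

```javascript
// Added example (not from the slides): input validation and output encoding
// against reflected/stored XSS, runnable under Node.js. All names and sample
// inputs are constructed for illustration.

// 1. Validate input, strictly: an allowlist for a field that should always be
//    plain text (a recipient e-mail address). Anything outside the allowlist is
//    rejected outright rather than "cleaned up".
const EMAIL_RE = /^[A-Za-z0-9._%+-]{1,64}@[A-Za-z0-9.-]{1,253}\.[A-Za-z]{2,}$/;

function validateRecipientEmail(value) {
  if (typeof value !== "string" || value.length > 254) return null;
  return EMAIL_RE.test(value) ? value : null;
}

// 2. Validate output: encode untrusted data for the HTML text context so the
//    browser renders it as text and never parses it as markup or script.
const HTML_ESCAPES = {
  "&": "&amp;",
  "<": "&lt;",
  ">": "&gt;",
  '"': "&quot;",
  "'": "&#x27;",
};

function escapeHtml(untrusted) {
  return String(untrusted).replace(/[&<>"']/g, (c) => HTML_ESCAPES[c]);
}

// Vulnerable pattern: untrusted data concatenated straight into the response.
// Reflected XSS is this with a request parameter; stored XSS is this with a
// value read back from the database.
function renderSearchVulnerable(query) {
  return `<p>Results for: ${query}</p>`;
}

// Hardened: the same page with the untrusted value encoded for its context.
function renderSearchSafe(query) {
  return `<p>Results for: ${escapeHtml(query)}</p>`;
}

// Constructed sample input: markup submitted in a field meant to hold text.
const SAMPLE_QUERY = "<script>alert('xss')</script>";

// Usage: compare the two renderings of the same untrusted value.
function demo() {
  return {
    vulnerable: renderSearchVulnerable(SAMPLE_QUERY), // script tag lands in the page
    safe: renderSearchSafe(SAMPLE_QUERY),             // shown as visible text only
    goodEmail: validateRecipientEmail("alice@example.com"),          // accepted
    badEmail: validateRecipientEmail("alice<script>@example.com"),   // null
  };
}
```

Encoding is context-specific: `escapeHtml` covers the HTML text and quoted-attribute contexts only; a value placed inside a JavaScript string, a URL or a CSS property needs the encoder for that context, which is why the slide also says to eliminate dangerous insertion points rather than rely on one escaper everywhere.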
How to Prevent DOM Based XSS?
1. Validate input
2. Avoid using untrusted data in sensitive client side actions
3. Analyze and harden client side JavaScript code
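For DOM based XSS the untrusted data never has to reach the server: a client-side script reads it from a source such as the URL fragment and passes it to a sensitive sink. The snippet below is an added example written for this page, not code from the slides; the allowlisted paths, function names and sample fragments are constructed. It applies the three steps above to one common case, a redirect whose target comes from `location.hash`, showing the unchecked version beside a version that validates the input and keeps untrusted data out of the sensitive action, and it ends with the text-node sink to use instead of `innerHTML` when displaying untrusted strings.

```javascript
// Added example (not from the slides): hardening a client-side redirect that
// takes its target from the URL fragment, plus a safe DOM text sink. Names,
// allowlist entries and sample fragments are constructed for illustration.

// Vulnerable pattern: the fragment is handed straight to a sensitive
// client-side action. Assigned to location.href, a fragment carrying a
// javascript: URL runs in the page, and an external URL sends the user away.
function redirectTargetVulnerable(hash) {
  return decodeURIComponent(hash.slice(1)); // whatever was in the URL
}

// Hardened: treat the fragment as untrusted input. Accept only a plain
// relative path that is on an allowlist of in-app destinations; otherwise
// fall back to a fixed default.
const ALLOWED_PATHS = new Set(["/dashboard", "/inbox", "/settings"]);
const DEFAULT_PATH = "/dashboard";

function redirectTargetSafe(hash) {
  if (typeof hash !== "string" || !hash.startsWith("#")) return DEFAULT_PATH;
  let candidate;
  try {
    candidate = decodeURIComponent(hash.slice(1));
  } catch (e) {
    return DEFAULT_PATH; // malformed percent-encoding
  }
  // Must be a single relative path: this rejects schemes (javascript:, data:),
  // protocol-relative "//host", backslashes, query strings and control bytes.
  if (!/^\/[A-Za-z0-9\/_-]*$/.test(candidate) || candidate.startsWith("//")) {
    return DEFAULT_PATH;
  }
  return ALLOWED_PATHS.has(candidate) ? candidate : DEFAULT_PATH;
}

// Safe display sink: write untrusted text with textContent, which creates a
// text node, instead of innerHTML, which parses the string as markup. The
// element is any object with a textContent property, so this runs outside a
// browser too; in the page you would pass a real DOM element.
function showMessage(element, untrustedText) {
  element.textContent = String(untrustedText);
  return element;
}

// Usage: in the browser this would be
//   location.href = redirectTargetSafe(location.hash);
//   showMessage(document.getElementById("msg"), location.hash.slice(1));
function demoDom() {
  const el = { textContent: "" };
  return {
    fromAllowedHash: redirectTargetSafe("#/inbox"),             // "/inbox"
    fromSchemeHash: redirectTargetSafe("#javascript:alert(1)"), // "/dashboard"
    fromExternal: redirectTargetSafe("#//evil.example"),        // "/dashboard"
    displayed: showMessage(el, "<b>hi</b>").textContent,        // literal text
  };
}
```

The allowlist is deliberately an exact-match set rather than a prefix check, because a prefix check on `/inbox` would also accept `/inbox/../anything` once the browser normalises it; when the set of destinations is dynamic, compare against the server-issued route table rather than loosening the regex. Hardening the rest of the client-side code, the third step on the slide, means auditing every place that reads `location`, `document.referrer`, `postMessage` data or `localStorage` and tracing it to the sink it feeds.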
Thank You
