What is xss???
XSS stands for Cross site Scripting. It is one of the top Web Application Vulnerability. This vulnerability allows the attacker to insert client side scripts(especially Javascript).Using this vulnerability an attacker can inject malicious codes, which leads to malware attacks..
Method 1: Injection in form box(especially search box)
An attacker can enter the malcious script inside the search box and click the search button. This will lead to run the malicious script inside that website
Using method 1, you can enter the code in search box and click the search button.
or
using method 2, you can enter the code in url like this:
XSS stands for Cross site Scripting. It is one of the top Web Application Vulnerability. This vulnerability allows the attacker to insert client side scripts(especially Javascript).Using this vulnerability an attacker can inject malicious codes, which leads to malware attacks..
XSS Vulnerability and Injection:
Step 1: Finding Vulnerable Website:
its not a difficult job for a script kiddieAs usual an attacker will search in google using the google Dork. For example, he will search for "search?q=". This will results plenty of website.
Step 2: Testing the Vulnerability:
In order to test the vulnerability, we need to find a POST or Get parameter. Confused ? It is just input fields that will be send to server. For example search query,username ,password .
There are two ways to test the vulnerability:
There are two ways to test the vulnerability:
Method 1: Injection in form box(especially search box)
An attacker can enter the malcious script inside the search box and click the search button. This will lead to run the malicious script inside that website
Method 2: Injecting in url
In this method , there may not any form box. They use the url field instead.For Example:
In this method , there may not any form box. They use the url field instead.For Example:
http://vulnerablewebsite/search?q=malicious_script_goes_here
Using method 1, you can enter the code in search box and click the search button.
or
using method 2, you can enter the code in url like this:
if it shows "You are hacked by bikash " message in popup box, then it is vulnerable to XSS.
Step 3: Injecting Malicious Scripts
After find vulnerable site, an attacker will inject malicious scripts. It may lead to stealing cookies and malware attack as said before.
Let us assume an attacker has cookie stealing script in his website. for instance, his malicious script url is
After find vulnerable site, an attacker will inject malicious scripts. It may lead to stealing cookies and malware attack as said before.
Let us assume an attacker has cookie stealing script in his website. for instance, his malicious script url is
http://TargetSite/malicious.js
He can inject now the malcious script inside the vulnerable site like this:
http://TargetSite/malicious.js>
When visitors loads into website, the malicious start to run and cause to cookie stealing.
Persistent XSS:
This is risky XSS vulnerability , it stores the data provided in server. So the malicious script injection is permanently stored in web application. It will be shown to other users when they visit the site.
if the attacker inject malware , then regular users of that website also infected .
For example:
Some sites may store the search query in order to track the user interest. This results in permanent storage of XSS.
Non-Persistent XSS:
Also referred as Reflected XSS . In this case, the storage of malicious script is temporary one(means it won't be shown to other users). Attacker may trick users to visit the URL with injection. As they are regular user of that site, they will trust the link. It leads to stealing cookies.
For example:
When you search in some site, it will return the result with your searching string. This cause to run the malicious code temporarily.
Types of XSS Based on persisting capability:
There are two types of XSS based on persisting Capability namely Persistent and Non-Persistent.Persistent XSS:
This is risky XSS vulnerability , it stores the data provided in server. So the malicious script injection is permanently stored in web application. It will be shown to other users when they visit the site.
if the attacker inject malware , then regular users of that website also infected .
For example:
Some sites may store the search query in order to track the user interest. This results in permanent storage of XSS.
Non-Persistent XSS:
Also referred as Reflected XSS . In this case, the storage of malicious script is temporary one(means it won't be shown to other users). Attacker may trick users to visit the URL with injection. As they are regular user of that site, they will trust the link. It leads to stealing cookies.
For example:
When you search in some site, it will return the result with your searching string. This cause to run the malicious code temporarily.
What can an attacker do with this Vulnerability?
- Stealing the Identity and Confidential Data(credit card details).
- Bypassing restriction in websites.
- Malware Attack
- Denial of Service attacks(Dos)
any doubts please comment and share....
