Cross Site Scripting (XSS) Explained
by Daniel Miessler
Many people, including some in the IT and InfoSec fields, lack a decent grasp of Cross Site Scripting (XSS). What follows below will get you up to speed on the fundamental concept in just a few paragraphs.
What It Is
XSS is an input validation issue that lets attackers run scripting code in your browser within the trusted context of a site that you're visiting. Browser scripting code can do quite a bit, including sending your authentication cookies to a malicious site so they can be used to impersonate you.
How It Works
XSS occurs when a site runs code that it's given instead of sanitizing it properly (filtering it for possible dangerous elements). So a site that's vulnerable to XSS can be sent something like the following (within script tags) via an HTTP GET or POST.
If you get back a popup window that says, "Uh oh -- XSS" -- the site is vulnerable. One of the most common places to have these issues is in the search forms that most sites have. The key here is that the code is client-side code being "bounced back" to you by the server, which you then run.
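To make the "bounced back" behaviour concrete, here is an added example (not code from the article) of a minimal search-results renderer in its vulnerable form beside its escaped form, plus the check a tester or defender would run on the response. The page layout, the function names and the probe string are constructed for illustration.

```python
import html

# Constructed probe string modelled on the article's description: a script
# tag that would pop a window if the server reflects it back unchanged.
PROBE = '<script>alert("Uh oh -- XSS")</script>'

# Hypothetical results page; {q} is where the search term is reflected.
PAGE = "<html><body><h1>Results for: {q}</h1><p>No results found.</p></body></html>"


def render_vulnerable(query: str) -> str:
    """Reflect the search term straight into the HTML.

    This is the defect the article describes: the server runs (returns as
    live markup) whatever it is given instead of sanitizing it.
    """
    return PAGE.format(q=query)


def render_fixed(query: str) -> str:
    """Reflect the search term as text by HTML-escaping it first.

    html.escape turns <, >, &, " and ' into entities, so the browser renders
    the probe as visible characters rather than executing it.
    """
    return PAGE.format(q=html.escape(query, quote=True))


def reflects_unescaped(response_html: str, probe: str = PROBE) -> bool:
    """Defender's check: does the response contain the probe markup verbatim?

    True means the server bounced the input back as markup, not as text,
    which is exactly the reflected XSS condition the article is testing for.
    """
    return probe in response_html


if __name__ == "__main__":
    for name, render in (("vulnerable", render_vulnerable), ("fixed", render_fixed)):
        body = render(PROBE)
        print(f"{name:10s} reflects live markup: {reflects_unescaped(body)}")
        print("    ", body)
```

Running it shows the vulnerable renderer returning the script tag intact while the fixed one returns `&lt;script&gt;...`, which a browser displays but never executes.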
The Attack.....
Full article @ http://dmiessler.com/study/xss/