2 things before we begin
- Don’t confuse this with CSS (Cascading Style Sheets). Some genius replaced the C with an X, giving it a new identity, i.e. XSS.
- This one is going to be the theory part. We will see the demo in the next part.. stay tuned!
XSS is a client-side vulnerability which allows the execution of a script in the victim's browser. The attacker can also store the script on the server side, so that it gets executed whenever any user visits that page.
This is one of the most common vulnerabilities, and it might lead to:
- Website defacement
- Cookie stealing
- History stealing
- and much more..!!
- DOM based
We will be discussing them one by one:
REFLECTED OR NON-PERSISTENT:
In this attack the attacker manipulates the URL and embeds the script in the URL itself, so the site reflects it back into the page.
The attackers are smart enough to disguise the above URL, for example by using:
- URL shortener services, e.g. TinyURL, goo.gl to name a few
- A hyperlink with harmless-looking text (Free movies) whose destination is the malformed URL. (EASY, right..??)
This attack will work only if the user clicks the link shared by the attacker. It’s better to navigate to the site manually and not click unknown links.
STORED OR PERSISTENT:
This one is more dangerous and more widespread. The attacker uploads the script to the server, and every time the page is visited or rendered the script runs. Manually navigating to the site will not help in this case.
Where to upload the script?
A comments field is one common example. If input sanitization is not done, the script will run every time the page is loaded.
The script will try to alter the DOM or steal data from the DOM.
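As an added example that is not part of the original post, here is the comments-field case in JavaScript: the unsanitized rendering the post describes beside an escaped one, with a small check that shows which of the two lets a stored tag reach the page (the function names and the sample comment are assumptions).

```javascript
// Added example, not code from the original post. Function names and the
// sample comment below are assumptions constructed for this demonstration.

// Escape the five characters that matter in HTML text and attribute context.
// This is what "input sanitization" means at the output step.
function escapeHtml(str) {
  return String(str)
    .replace(/&/g, '&amp;')
    .replace(/</g, '&lt;')
    .replace(/>/g, '&gt;')
    .replace(/"/g, '&quot;')
    .replace(/'/g, '&#39;');
}

// Vulnerable form: the stored comment is concatenated into markup as-is,
// so any tag in it becomes part of the page on every render.
function renderCommentUnsafe(author, body) {
  return `<li><b>${author}</b>: ${body}</li>`;
}

// Hardened form: untrusted fields are escaped before reaching the markup,
// so a stored "<script>" shows up as literal text instead of executing.
// (In the browser the same rule is: assign untrusted text with textContent,
// never with innerHTML.)
function renderCommentSafe(author, body) {
  return `<li><b>${escapeHtml(author)}</b>: ${escapeHtml(body)}</li>`;
}

// Check for a templating unit test: does the rendered markup still contain
// a raw tag taken verbatim from the untrusted input?
function leaksTag(rendered, untrusted) {
  const tag = untrusted.match(/<[a-zA-Z][^>]*>/);
  return tag !== null && rendered.includes(tag[0]);
}

// Constructed sample: what a comments field might have stored.
const storedComment = {
  author: 'guest',
  body: 'nice post <script>document.title = "defaced"</script>',
};

console.log(renderCommentUnsafe(storedComment.author, storedComment.body));
console.log(renderCommentSafe(storedComment.author, storedComment.body));
```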
What is the DOM, and why do we need it?
I will create a small HTML page below.
```html
<!doctype html>
<html>
  <head>
    <title></title>
  </head>
  <body>
    <h1>test</h1>
    <!-- each element below becomes a node in the DOM tree -->
    <div>
      <h2>test</h2>
    </div>
  </body>
</html>
```
For the above code, the DOM will be built in the browser as shown below.
Hackers found that they could forcibly load another website into an HTML frame within the same browser window. Then, using JS, they could cross the boundary between the two web pages, reading data from one page into the other. This is how JS became able to manipulate the DOM across sites, and it is where the "cross-site" in the name comes from.