Kartier Pohs

Monday, December 21, 2015

Cross site scripting tutorial for beginners

Cross-Site Scripting, or XSS, is a type of security vulnerability in web applications that allows an attacker to execute code in a user's browser in the context of the target website, often causing side effects such as data compromise or the theft of a user session.


Types of Cross Site Scripting:
There are mainly 3 types of Cross-Site Scripting
  1. Non-Persistent/Reflected Cross Site Scripting.
  2. Stored/Non-Reflective/Persistent Cross Site Scripting.
  3. DOM based cross site scripting

1.  Non-Stored/Reflective/Reflected Cross Site Scripting.

Reflected XSS is the most frequent type of XSS attack. It is also known as non-persistent XSS, since the attack payload is delivered and executed via a single request and response.

2.  Stored/Non-Reflective/Persistent Cross Site Scripting.

Persistent XSS is more dangerous than reflected XSS. This attack embeds the malicious script permanently into the web application. The script will then wait until people access the page it is located on.

Examples of Persistent/Non-Persistent XSS scripts are:

  •   <script>alert(0)</script> 
  • "><svg/onload=prompt(/XSS-Tested-By-Yogesh-Prasad/);>
  • "/><img src=x onerror=prompt(/XSS-Tested-By-Yogesh-Prasad/)>
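
Why these strings work, and how output encoding neutralises them, shown as an added example that is not part of the original post. The search-page template and all function names are hypothetical; the payloads are the ones listed above.

```javascript
// Added example: a hypothetical search page that echoes the "q" parameter.
// Function names and the template are assumptions, not code from the post.

// Encode the five characters that let input change the HTML structure.
function escapeHtml(value) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return String(value).replace(/[&<>"']/g, (ch) => map[ch]);
}

// Vulnerable: input is concatenated into an attribute value and into body text.
function renderVulnerable(q) {
  return '<input name="q" value="' + q + '"><p>Results for ' + q + '</p>';
}

// Hardened: the same template, with every echo of q encoded on output.
function renderSafe(q) {
  const e = escapeHtml(q);
  return '<input name="q" value="' + e + '"><p>Results for ' + e + '</p>';
}

// Crude structural check: collect every "<name" sequence in the markup.
// A stand-in for a real HTML parser, sufficient for this fixed template.
function tagNames(html) {
  const names = [...html.matchAll(/<([a-zA-Z][a-zA-Z0-9]*)/g)].map((m) => m[1].toLowerCase());
  return [...new Set(names)];
}

// The payloads listed in this post, used here as test input.
const payloads = [
  '<script>alert(0)</script>',
  '"><svg/onload=prompt(/XSS-Tested-By-Yogesh-Prasad/);>',
  '"/><img src=x onerror=prompt(/XSS-Tested-By-Yogesh-Prasad/)>',
];

// For each payload, report the tags that the template itself did not contain.
function audit() {
  const expected = ['input', 'p'];
  return payloads.map((p) => ({
    payload: p,
    injectedVulnerable: tagNames(renderVulnerable(p)).filter((t) => !expected.includes(t)),
    injectedSafe: tagNames(renderSafe(p)).filter((t) => !expected.includes(t)),
  }));
}

console.log(JSON.stringify(audit(), null, 2));
```

The leading `">` in the second and third payloads closes the `value` attribute and the `input` tag, which is why encoding `"` matters as much as encoding `<` and `>`.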

3.  DOM based cross site scripting 

DOM-based XSS is not considered a standalone classification of XSS as it overlaps somewhat with Reflected and Stored XSS. However, it’s called out separately due to one very important distinction. Unlike Reflected and Stored XSS - whose payloads are embedded in the HTML responses sent from the server - DOM-based XSS exists almost purely in the victim’s browser. 

Examples of DOM based XSS scripts are:

  • /default.aspx#"><img src=x onerror=prompt("XSSed By Yogesh Prasad");>  

Places to Find XSS Vulnerabilities
XSS can be found in many locations on a website; here I am listing some specific points where it may be found:
  • The URL
  • GET parameters
  • POST parameters
  • HTTP referrer objects
  • window.location
  • document.referrer
  • document.location
  • document.URLUnencoded
  • All headers
  • Cookie data

Why is Cross-Site Scripting Bad?

Cross-Site Scripting can lead to all sorts of different exploits, including system compromise. For an attacker to do this, they need to break out of the browser's context. We have seen examples showing that breaking out of the browser is not that hard to do.
In addition, an attacker can also establish a bi-directional channel using iframes. This creates a man-in-the-middle attack. The attacker can then intercept keystrokes, use the victim as an intranet port scanner, and even steal credentials. The attacker is limited only by their knowledge of scripting.

In my next tutorial I will explain the working of reflected cross site scripting in detail and show you some demonstrations of reflected XSS so that you can understand it easily. I hope you liked this basic tutorial about XSS or cross site scripting.



Copyright 2015 @ Yogesh Prasad