Crossing Scripts – XSS

Injections. SQL Injections. Cross-site Scripting (hence the amazing title “Crossing Scripts – XSS”).

There are all sorts of injection-based attacks; if you want to read about them in general, go here, but if Cross-site Scripting (XSS) is what you are looking for, then read on!

XSS, the acronym for Cross-site Scripting, is, like SQL injection, one of the most common and dangerous classes of attack today. OWASP groups it under A03:2021 – Injection, the third entry in the OWASP Top Ten list, which illustrates the severity of these attacks.

XSS is an attack against the web surfer, the user, and it is made possible by a vulnerability in the web application: the attacker injects malicious script that ends up running in the browsers of other users of the system, inside the origin of the vulnerable site, so the browser's same-origin protections do not stop it. While that code executes, the attacker can perform actions on behalf of the user and even steal the user's session identifier (for example the session cookie).

Exploiting these vulnerabilities consists of finding ways to inject malicious code that is "processed" as valid content in pages belonging to another domain, thereby giving the attacker access to sensitive information located in that site.

Such attacks can lead to:

  • Interception of the user's input (keystrokes, form contents).
  • Theft of vital and sensitive information such as credit card details, passwords or session tokens.
  • Impersonation of a particular person or service, which can be the basis of a phishing attack.

Types of XSS:

  • Persistent/Stored XSS – probably the most dangerous type of XSS. The malicious string is saved in the database (a comment, a profile field, a message), so the site "infects" every user who later interacts with that stored data, without the attacker having to lure each victim individually.
  • Reflected XSS – also called "Temporary" or non-persistent XSS, this is probably the most common type. The malicious string arrives as part of the request (a URL parameter, a search box), is not validated or encoded properly, and is copied straight back into the response, where the browser "processes" it as if it were legitimate markup.
  • DOM based XSS – also known as "Local XSS", this lives mostly in client-side script that uses input to generate part of the HTML page without checking whether it contains code. For example, JavaScript that reads a web address (or the URL fragment) and writes it into the page with innerHTML, without making sure the address itself does not contain markup, has "Local XSS". The server may never see the payload at all.

Let’s look at an example :

This is a website called "XSS Game", built by Google for practicing XSS:

This is the first task:

Now, let's insert a line of code instead of the expected input:

We insert an input that is supposed to be plain text, but it is not checked or encoded properly, and when the page is built the browser treats it as markup and runs it as script instead. That is exactly the foothold an attacker needs to act within the page and change it:
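As an added illustration of the reflected and stored cases described in the "Types of XSS" list and of the XSS Game's first level above (this is example code written for this page, not Google's XSS Game code or Kayran's), the snippet below shows a page renderer that copies untrusted input straight into HTML next to a hardened version that encodes it at output time. The function names, the CommentStore class and the payload string are assumptions made for the illustration; the encoder only covers an HTML text context, so attribute or JavaScript contexts would need their own encoding.

```javascript
// Added example (not from the original post): reflected and stored XSS in a
// minimal page renderer, vulnerable form beside the hardened form.
// Names (escapeHtml, renderGreeting*, CommentStore, PAYLOAD) are assumptions.

// Encode the five characters that let attacker input break out of an HTML
// text context. Attribute and JavaScript contexts need their own encoders;
// this one is only for text placed between tags.
function escapeHtml(str) {
  return String(str).replace(/[&<>"']/g, (ch) => ({
    '&': '&amp;',
    '<': '&lt;',
    '>': '&gt;',
    '"': '&quot;',
    "'": '&#39;',
  })[ch]);
}

// Reflected XSS: the request's search term is copied straight into the
// response body, the same kind of flaw the XSS Game's first level has.
function renderGreetingVulnerable(query) {
  return `<p>Sorry, no results were found for <b>${query}</b>.</p>`;
}

// Hardened: identical page, but the untrusted value is encoded on output.
function renderGreetingSafe(query) {
  return `<p>Sorry, no results were found for <b>${escapeHtml(query)}</b>.</p>`;
}

// Stored XSS: a comment board that saves raw input and replays it to every
// later visitor. The payload persists in the "database" (an array here), so
// one submission infects all future readers of the page.
class CommentStore {
  constructor() {
    this.comments = [];
  }
  add(author, body) {
    this.comments.push({ author, body });
  }
  renderVulnerable() {
    return this.comments
      .map((c) => `<li><b>${c.author}</b>: ${c.body}</li>`)
      .join('');
  }
  renderSafe() {
    return this.comments
      .map((c) => `<li><b>${escapeHtml(c.author)}</b>: ${escapeHtml(c.body)}</li>`)
      .join('');
  }
}

// Crude check a tester can run over a rendered page: did a script tag
// survive unencoded? A real scanner looks for many more sinks and encodings.
function containsScriptTag(html) {
  return /<script\b/i.test(html);
}

// Constructed proof-of-concept payload, the classic cookie-theft probe.
const PAYLOAD = '<script>alert(document.cookie)</script>';

function demo() {
  console.log('reflected, vulnerable:', renderGreetingVulnerable(PAYLOAD));
  console.log('reflected, hardened:  ', renderGreetingSafe(PAYLOAD));

  const board = new CommentStore();
  board.add('mallory', PAYLOAD); // attacker posts once
  board.add('alice', 'Nice article!'); // every later visitor gets both
  console.log('stored, vulnerable:', board.renderVulnerable());
  console.log('stored, hardened:  ', board.renderSafe());
  console.log('script tag survives in vulnerable output:',
    containsScriptTag(board.renderVulnerable()));
}

demo();
```

The point to take from the two render functions is that the fix is not input validation at the entry point but encoding at the output point: the same value may be safe in one context and dangerous in another, so it must be encoded for the exact place where it is written into the page.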

Stay safe, choose Kayran.
