Do you have that in XXS?
What is XXS?
Cross Site Scripting is vulnerability that occurs when an Attacker injects codes/scripts into the client-facing side of a web application. They do this by inserting data in the application via an untrusted source using a web request. This can also be done when data is included in dynamic content sent to the user of the web application with the content being validated to ensure no malicious content is included. The main thing about XSS is that it doesn’t affect the web site, instead it uses the web site or the server as a Launchpad to trigger the malicious code to send to the site user to: steal login details, monitor user’s activities, abuse the user’s activities, steal the user’s cookie (which has session IDs and passwords).
The malicious content that is sent to the web browser normally uses some element of JAVAscript. However, this could also include HMTL, Flash content or a mixture of malicious codes that could even be more dangerous than the XSS itself. The use of XSS is very powerful because it is commonly used to capture private data such as cookie information, session information to the attacker as well as re-directing a user to a malicious site and tricking them to supply other data and possibly taking control of their machine.
Type of XSS
There are two main types of Cross Site Scripting: Stored and Reflected (and DOM Based XSS)
A stored cross site scripting exploit is one that is permanently stored on the webserver or the database (on a message forum, blog site, in comment fields on a shopping website etc. When a visitor visits the website, this website will ‘server’ the malicious code to the user. Again, this captures various personal data and all activities in the users browser.
With a Reflected Cross Site Scripting attack, the users requested are replayed in the browser back to the user. In that, if a user were to search for a word, that word would be displayed back to the user on the webpage without providing a sensible result/output. In addition, this could present an error message or all the information the user input into the web browser. This type of attacked is normally delivered to the user by an email, a text, via a malicious website, via filling in a form etc.
Risks Associated With XSS
- Misuse of server bandwidth & resources
- User account(username passwords) theft via cookie hijacking)
- Keystroke logging of user activity
- Abuse of credentials
- Allows the attacker the ability to exploit the users browser
- Web app defacement and potential vandalism
- Theft of content