Ethical Hacking - Cross-Site Scripting

Cross-site scripting (XSS) is a code injection attack that allows an attacker to execute malicious JavaScript in another user's browser.

The attacker does not directly target his victim. Instead, he exploits a vulnerability in a website that the victim visits, in order to get the website to deliver the malicious JavaScript for him. To the victim's browser, the malicious JavaScript appears to be a legitimate part of the website, and the website has thus acted as an unintentional accomplice to the attacker. These attacks can be carried out using HTML, JavaScript, VBScript, ActiveX, Flash, but the most used XSS is malicious JavaScript.

These attacks also can gather data from account hijacking, changing of user settings, cookie theft/poisoning, or false advertising and create DoS attacks.

Example

Let’s take an example to understand how it works. We have a vulnerable webpage that we got by the metasploitable machine. Now we will test the field that is highlighted in red arrow for XSS.

First of all, we make a simple alert script

<script>  
   alert(‘I am Vulnerable’)  
</script>

It will produce the following output −

Types of XSS Attacks

XSS attacks are often divided into three types −

Persistent XSS, where the malicious string originates from the website's database.
Reflected XSS, where the malicious string originates from the victim's request.
DOM-based XSS, where the vulnerability is in the client-side code rather than the server-side code.

Generally, cross-site scripting is found by vulnerability scanners so that you don’t have to do all the manual job by putting a JavaScript on it like

<script>  
   alert('XSS') 
</script>

Burp Suite and acunetix are considered as the best vulnerability scanners.

Quick Tip

To prevent XSS attacks, keep the following points in mind −

Check and validate all the form fields like hidden forms, headers, cookies, query strings.
Implement a stringent security policy. Set character limitation in the input fields.

Comments

IMPORTANCE AND ADVANTAGES OF SIWES

STUDENTS INDUSTRIAL WORK EXPERIENCE SCHEME (SIWES) The Industrial Training/Students Industrial Work Experience Scheme, IT/SIWES is a new Directorate under the Vice-Chancellor’s Office. It was established on 20th April, 2012 The Students Industrial Work Experience Scheme (SIWES) is a skills training programme designed to expose and prepare students of universities and other tertiary institutions for the Industrial Work situation they are likely to meet after graduation. It is also a planned and structured programme based on stated and specific career objectives which are geared towards developing the occupational competencies of participants (Mafe, 2009). Consequently, the SIWES programme is a compulsory graduation requirement for all Nigerian university students offering certain courses. The Students Industrial Work Experience Scheme (SIWES), is the accepted training programme, which

How to Reset HP Elitebook 8460p BIOS/Administrator Password

Have you forgotten HP Elitebook 8460p password , bios or administrator account password? How to do if both of them lost? It seems hard though there may be lots of ways that can solve it. But if we talk about it separately, such as in two parts, HP elitebook password reset would be not so difficult. Part 1: Reset HP Elitebook 8460p BIOS password Part 2: HP Elitebook 8460p Administrator password recovery Part 1: How to Reset Forgotten HP Elitebook BIOS Password? Generally, there are two ways to reset forgotten BIOS password . One is forcing BIOS/CMOS to reset itself to its stored defaults by removing all power from it. The other is to use a program to either locate or identify the password, and reveal it to you or erasing the password clearly. And the most easiest and convenient method for erasing dynamic BIOS/CMOS settings is to remove battery directly from the motherboard. However, it applies to most motherboards besides HP Elitebook BIOS. Fortunately, HP Eliteb

Ethical Hacking - TCP/IP Hijacking

TCP/IP Hijacking is when an authorized user gains access to a genuine network connection of another user. It is done in order to bypass the password authentication which is normally the start of a session. In theory, a TCP/IP connection is established as shown below − To hijack this connection, there are two possibilities − Find the seq which is a number that increases by 1, but there is no chance to predict it. The second possibility is to use the Man-in-the-Middle attack which, in simple words, is a type of network sniffing . For sniffing, we use tools like Wireshark or Ethercap . Example An attacker monitors the data transmission over a network and discovers the IP’s of two devices that participate in a connection. When the hacker discovers the IP of one of the users, he can put down the connection of the other user by DoS attack and then resume communication by spoofing the IP of the disconnected user. Shijack In practice, one of the best TCP/IP hijack too

BillyTech

Search This Blog