Friday, 28 February 2014

Cross Site Scripting (XSS) Exploitation Walkthrough Part 1





Hi everyone,
In this post I am back with an interesting topic, Cross Site Scripting, and I will show you how to exploit it in two parts.

What is cross site scripting?

Cross Site Scripting is a web application vulnerability in which script supplied by an attacker is executed by the victim's browser as if it were part of the trusted website. For example, if an attacker enters JavaScript or HTML into the search box of a website and clicks the search button, and the website puts that input back into the results page without encoding it, the browser executes the script instead of displaying it as a search term. In that case the website is vulnerable to Cross Site Scripting. This series covers the four commonly listed kinds of cross site scripting:

  • Persistent
  • Non-Persistent
  • Flash based
  • DOM based

In this post we are going to cover the first two, Persistent and Non-Persistent.


What is persistent Cross Site Scripting?

Persistent Cross Site Scripting, also called stored XSS, occurs when the website saves the attacker's input (in a database record, a comment, a profile field) and later includes it, unencoded, in pages served to other users. The script then runs in the browser of every user who visits that page, not only the attacker's, and keeps running until the stored data is removed.

Example of persistent cross site scripting in Airtel



What is Non-Persistent Cross Site Scripting?

Non-persistent, or reflected, Cross Site Scripting occurs when user input is not saved but is echoed straight back in the response to the request that carried it, for example a search term repeated in the results page. Only the user who sends that request is affected, so the attacker has to get a victim to open a crafted link or submit a crafted form.

Example of non persistent cross site scripting 
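To make the difference between the two kinds concrete, here is an added example (written for this edit, not code from the original post or from the screenshots above) that simulates both in Node.js: a search page that reflects its query, and a comment board that stores submissions and replays them to every later visitor. The HTML is built as strings so it runs without a browser; the vectors, user names and the containsScriptTag check are constructed for illustration.

```javascript
// Added example, not code from the original post: a reflected search page and
// a stored comment board, modelled as string-building functions so the demo
// runs under Node without a browser. All inputs below are constructed.

// Contextual output encoding for HTML element content and quoted attributes.
// Every character that could open a tag, close an attribute or start an
// entity is replaced by a character reference.
function escapeHtml(s) {
  return String(s)
    .replace(/&/g, '&amp;')
    .replace(/</g, '&lt;')
    .replace(/>/g, '&gt;')
    .replace(/"/g, '&quot;')
    .replace(/'/g, '&#39;');
}

// Non-persistent: the search term comes straight back in the response.
// Nothing is stored; only the user who sends the crafted request is hit.
function renderSearchUnsafe(query) {
  return `<h2>Results for: ${query}</h2>`;             // raw interpolation
}
function renderSearchSafe(query) {
  return `<h2>Results for: ${escapeHtml(query)}</h2>`; // encoded for HTML text
}

// Persistent: the server keeps every comment and replays the list to each
// later visitor, so one malicious submission reaches every reader.
class CommentBoard {
  constructor() { this.comments = []; }
  post(author, body) { this.comments.push({ author, body }); }
  renderUnsafe() {
    return this.comments
      .map(c => `<li><b>${c.author}</b>: ${c.body}</li>`)
      .join('');
  }
  renderSafe() {
    return this.comments
      .map(c => `<li><b>${escapeHtml(c.author)}</b>: ${escapeHtml(c.body)}</li>`)
      .join('');
  }
}

// Crude check that stands in for "would the browser run this?". It is enough
// for the two vectors used here because both are literal tags; a real
// assessment is done by loading the page in a browser.
function containsScriptTag(html) {
  return /<script\b|<img\b[^>]*\bonerror\s*=/i.test(html);
}

// Constructed vectors: the proof-of-concept alert from the post, and an
// event-handler vector that reads the session cookie without a <script> tag.
const REFLECTED_VECTOR = "<script>alert('Abhilash')</script>";
const STORED_VECTOR = '<img src=x onerror=alert(document.cookie)>';

function demo() {
  const board = new CommentBoard();
  board.post('alice', 'Nice post');
  board.post('mallory', STORED_VECTOR); // the attacker submits once ...
  board.post('bob', 'Agreed');          // ... and every later render carries it
  return {
    reflectedUnsafe: renderSearchUnsafe(REFLECTED_VECTOR),
    reflectedSafe: renderSearchSafe(REFLECTED_VECTOR),
    storedUnsafe: board.renderUnsafe(),
    storedSafe: board.renderSafe(),
  };
}

for (const [name, html] of Object.entries(demo())) {
  console.log(`${name} (executes: ${containsScriptTag(html)}): ${html}`);
}
```

Run it with `node xss_demo.js`. The unsafe renders contain the vectors verbatim, so a browser would execute them; the safe renders show them as text. Note that escapeHtml is correct only for HTML element content and quoted attribute values: a value written into a JavaScript string, a URL or a CSS block needs the encoder for that context, which is why reflected and stored XSS also appear in places where this simple escaping was applied to the wrong context.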



What can you do with cross site scripting?

  •   Hijack an account, typically by stealing the session cookie or by sending requests as the logged-in user.
  •   Spread web worms (a stored payload that re-posts itself from each victim's account).
  •   Read browser history and clipboard contents (both relied on browser behaviours that modern browsers have largely closed).
  •   Control the browser remotely (a hooking script keeps the victim's tab polling the attacker for commands).
  •   Scan and exploit intranet appliances and applications from inside the victim's network.

Note that cookies flagged HttpOnly cannot be read by script, so document.cookie theft fails against them; the script can still act as the user by making requests from within the page.

Exploitation of cross site scripting

To find and exploit cross site scripting you need a basic knowledge of JavaScript and HTML. The string entered into an input field is called the vector (or payload), e.g. <script>alert('Abhilash')</script>. A visible alert box is only proof that script executes; the real payload is whatever you put in its place. In some cases a web application firewall (WAF) or a server-side filter blocks the request or strips the vector before it reaches the page.

How to bypass the filters?

There are many methods to bypass an XSS filter: HTML character encoding of the payload, mixed capitalisation of the letters in a tag (tag names are case-insensitive to the browser, many filters are not), building strings from character codes so no quoted string appears in the input, using an event handler such as onerror instead of a <script> tag, and many more. You can learn more from the XSS Filter Evasion Cheat Sheet from OWASP here. Bypasses work because a filter blacklists what its author expected; the defence that does not have this weakness is encoding output for the context it is written into.
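The following added example (written for this edit, not code from the original post or from the OWASP cheat sheet) puts a home-grown blacklist filter of the kind those cheat-sheet vectors are aimed at beside five bypasses, including the capitalisation, character-reference and String.fromCharCode tricks mentioned above plus two more, and shows that encoding the output stops all of them. The naiveBlacklist, looksExecutable and compareDefences functions and all vectors are constructed for illustration.

```javascript
// Added example, not from the original post or the OWASP cheat sheet: a
// home-grown blacklist filter of the kind those vectors are written to
// defeat, several bypasses, and the output-encoding fix that stops all of
// them. Vectors and names are constructed for illustration.

// A typical naive "XSS filter": strip the literal <script> tags and the
// literal string "javascript:". It runs once, is case-sensitive and looks
// only at the raw input, which is what every bypass below exploits.
function naiveBlacklist(input) {
  return input
    .replace(/<script>/g, '')
    .replace(/<\/script>/g, '')
    .replace(/javascript:/g, '');
}

// Each constructed vector defeats naiveBlacklist by a different trick.
const BYPASS_VECTORS = {
  // Capitalisation: tag names are case-insensitive to the browser, the regex is not.
  capitalisation: "<ScRiPt>alert('xss')</ScRiPt>",
  // No <script> at all: an event handler on an element that fails to load.
  eventHandler: '<img src=x onerror=alert(1)>',
  // Nesting: a single, non-recursive strip leaves a valid tag behind.
  nesting: '<scr<script>ipt>alert(1)</scr</script>ipt>',
  // HTML character references: the browser decodes &#106; to "j" before it
  // treats the value as a URL, so "javascript:" never appears literally.
  charRef: '<a href="&#106;avascript:alert(1)">x</a>',
  // String character codes: no quotes in the payload for a quote filter to catch.
  charCodes: '<svg onload=alert(String.fromCharCode(88,83,83))>',
};

// The fix the filter is trying to approximate: encode output for the HTML
// context it lands in, instead of guessing which input is dangerous.
function escapeHtml(s) {
  return String(s)
    .replace(/&/g, '&amp;')
    .replace(/</g, '&lt;')
    .replace(/>/g, '&gt;')
    .replace(/"/g, '&quot;')
    .replace(/'/g, '&#39;');
}

// Crude classifier used only to report outcomes: a tag with an on* handler,
// any <script> tag, or an href whose value starts with a character reference
// or the javascript: scheme. The real judge is the browser's parser.
function looksExecutable(html) {
  return /<[a-z]+[^>]*\bon[a-z]+\s*=/i.test(html)
    || /<script/i.test(html)
    || /href\s*=\s*["']?\s*(&#\d+;|javascript:)/i.test(html);
}

// Run every vector through both defences and report which one held.
function compareDefences() {
  const report = {};
  for (const [name, vector] of Object.entries(BYPASS_VECTORS)) {
    report[name] = {
      blacklistBlocked: !looksExecutable(naiveBlacklist(vector)),
      encodingBlocked: !looksExecutable(escapeHtml(vector)),
    };
  }
  return report;
}

console.table(compareDefences());
```

Every row of the table shows blacklistBlocked false and encodingBlocked true. The nesting vector is worth tracing by hand: stripping the inner <script> and </script> once leaves exactly <script>alert(1)</script>, which is why filters that do not re-scan their own output are unsafe. One caveat on the fix: escapeHtml protects the text and attribute contexts shown here, but if the attacker legitimately controls a whole href value, the scheme still has to be allowlisted (http, https, mailto) because a javascript: URL contains nothing that HTML encoding changes.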

Where can you find cross site scripting?

Non-persistent cross site scripting is most often found in search boxes and in any other parameter that is echoed back in the page (error messages, "you searched for" text, URL parameters). Persistent cross site scripting turns up in registration forms, shout boxes, profile-editing forms, comment fields and cloud storage websites (by uploading a file whose name or contents carry the vector), in short anywhere a value gets saved and shown again.

Hope you now understand how to find and exploit cross site scripting. In the next part we will cover DOM based and Flash based Cross Site Scripting. If you have any doubts, don't hesitate to leave comments.
copyright Encyberpedia. Powered by Blogger.