Cross Site Scripting (XSS) - PowerPoint PPT Presentation
Title:
Cross Site Scripting (XSS)
Description:
Title: Cost Report Training Author: culverr Last modified by: Ehab Ashary Created Date: 5/31/2005 7:25:04 PM Document presentation format: On-screen Show – PowerPoint PPT presentation
Number of Views:482
Avg rating:3.0/5.0
Title: Cross Site Scripting (XSS)
1
Cross Site Scripting (XSS)
CS 526 Ehab B. Ashary Cross
2
Cross Site Scripting Outline
- Definition
- Risks
- Cross Site Scripting Types
- Testing
- Tools
- All Together
- Defense
- References
3
Definition
- Cross Site Scripting (XSS) is a type of computer
security exploit where information from one
context, where it is not trusted, can be inserted
into another context, where it is - The trusted website is used to store, transport,
or deliver malicious content to the victim - The target is to trick the client browser to
execute malicious scripting commands - JavaScript, VBScript, ActiveX, HTML, or Flash
- Caused by insufficient input validation.
4
Cross Site Scripting Risks
- XSS can
- Steal cookies
- Hijack of users session
- Unauthorized access
- Modify content of the web page
- Inserting words or images
- Misinform
- Bad reputation
- Spy on what you do
- Network Mapping
- XSS viruses
5
Cross Site Scripting Types
- Three known types
- Reflected (Non-Persistent)
- Link in other website or email
- Stored (Persistent)
- Forum, bulletin board, feedback form
- Local
- PDF Adobe Reader , FLASH player
6
Reflected (Non-Persistent)
- Malicious content dose not get stored in the
server - The server bounces the original input to the
victim without modification
7
Stored (Persistent)
- The server stores the malicious content
- The server serves the malicious content in its
original form
8
Local
- The injected script does not traverse to the
server - Arising fast as the major threat as the other two
types of XSS are getting fixed
9
Cross Site Scripting Testing
- Where to start?
- Search box
- Feedback/Guestbook
- Application forms
- Look for input that can be displayed back by the
site - ltscriptgtalert(Boo)lt/scriptgt
- Dont forget to test with different encoding
scheme - Base64, URL, Unicode
10
Cross Site Scripting Tools
- N-stalker
- Acunetix
- Paros
- Firefox add-ons
- Hackbar
- XSS ME
11
Cross Site Scripting All Together
12
Cross Site Scripting All Together
13
Cross Site Scripting All Together
14
Cross Site Scripting All Together
15
Cross Site Scripting All Together
- ltSCRIPT SRChttp//ha.ckers.org/xss.jsgtlt/SCRIPTgt
16
Cross Site Scripting All Together
17
Cross Site Scripting Defense
- Clint side
- Disable JS
- Verify email
- Always update
- Server side
- Input validation (Black listing VS White listing)
- Encode all meta characters send to the client
- keep track of user sessions
- Web application firewall
- Always test
18
Cross Site Scripting References
- RSnake, XSS Cheat Sheet
- http//ha.ckers.org/xss.html
- XSS Attack information
- http//xssed.com/
- OWASP Testing for XSS
- http//www.owasp.org/index.php/Testing_for_Cross_s
ite_scripting - Klein, A., DOM Based Cross Site Scripting
http//www.webappsec.org/projects/articles/071105.
shtml - Acunetix web application security
- http//www.acunetix.com
- N-stalker
- http//www.nstalker.com
- How to use XSS ME
- http//a4apphack.com/index.php/featured/secfox-xss
me-automated-xss-detection-in-firefoxpart-3 - SANS Web Application Security Workshop
