CROSS-SITE SCRIPTING! WHAT IS IT? ARE YOU AT RISK? (Part 1)
Cross-Site Scripting (usually shortened to XSS) attacks are a type of injection problem, in which malicious scripts are injected into otherwise benign and trusted web sites (i.e. a malicious web site could load another web site into a frame or window and then use JavaScript to read or write data on that other web site).
Cross-site scripting (XSS) attacks occur when an attacker uses a web application to send malicious code, generally in the form of a browser-side script such as JavaScript, to a different end user. It is generally believed that up to 68% of websites are vulnerable to XSS attacks. The flaws that allow these attacks to succeed are quite widespread and occur anywhere a web application uses input from a user in the output it generates without validating or encoding it.
By finding clever ways of injecting malicious scripts into web pages an attacker can gain elevated access privileges to sensitive page content, session cookies, and a variety of other objects. Cross-site scripting was originally referred to as CSS, although this usage has been largely discontinued due to confusion with the abbreviation for Cascading Style Sheets.
XSS attacks usually come in the form of embedded JavaScript, although they sometimes include markup such as HTML or XHTML. XSS can also affect Sun Microsystems’s Java, Microsoft’s ActiveX and VBScript, Adobe’s Flash and ActionScript, and RSS and Atom feeds. In fact, any embedded active content is a potential source of danger.
Attackers frequently use a variety of methods to encode the malicious portion of the tag, such as Unicode, so that the request looks less suspicious to the user. There are hundreds of variants of these attacks, including versions that do not even require any < > symbols.
This is why it is usually difficult to “filter out” these scripts. XSS exploitation dates back to the 1990s, and popular, high-profile sites have been targeted, such as the Google search engine, the email services of Google and Yahoo!, the social networking sites Facebook, MySpace and Orkut, as well as Wikipedia.
TYPES OF XSS VULNERABILITIES.
There are three basic types of XSS vulnerabilities/attacks. They are:
1. Persistent
2. Non-Persistent
3. DOM-based (this can be persistent or non-persistent)
1. PERSISTENT XSS VULNERABILITY
The persistent XSS vulnerability is also referred to as a stored or second-order vulnerability.
This vulnerability is the type that allows the most powerful kind of attacks.
This vulnerability arises when a user’s data is persistently stored on a server (for example in a database or file system) and is subsequently displayed to users without encoding. It is also referred to as a Type 2 XSS vulnerability.
An example is seen in forums and online message boards where users post HTML-formatted messages for others to read. It is more dangerous because an attacker’s malicious script is stored on the server and can be executed more than once, each time the stored content is displayed. This could lead to the forum or application being infected with XSS viruses or worms.
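As an added illustration of the stored-then-displayed-without-encoding flaw described above (example code written for this page, not from the original post): a constructed forum-post store is rendered two ways, raw and HTML-encoded, and a small review check flags any renderer whose output still contains active markup. The post data, `render_post_*`, `emits_active_markup` and `audit` are assumptions made for the example.

```python
import html
import re

# Constructed sample of stored forum posts (not from the original page). The
# second entry is the kind of body a persistent (Type 2) XSS relies on: once
# saved, it is served to every reader who opens the thread.
STORED_POSTS = [
    {"author": "alice", "body": "Welcome to the board! Be nice."},
    {"author": "mallory", "body": '<script>alert("xss")</script>'},
    {"author": "bob", "body": 'Quote: "it\'s fine" & 2 < 3'},
]

def render_post_unsafe(post):
    """Vulnerable renderer: stored data is copied into the page verbatim,
    so the browser parses whatever markup the poster saved."""
    return f'<div class="post" data-author="{post["author"]}">{post["body"]}</div>'

def render_post_safe(post):
    """Hardened renderer: encode for the HTML text context and, with
    quote=True, for the quoted attribute context as well. The stored text
    is still shown exactly as written; it just cannot become markup."""
    author = html.escape(post["author"], quote=True)
    body = html.escape(post["body"], quote=True)
    return f'<div class="post" data-author="{author}">{body}</div>'

# Review check: a raw <script tag or an on*= event-handler attribute in the
# rendered output means user data got through as markup rather than as text.
_ACTIVE_MARKUP = re.compile(r"<\s*script\b|\son\w+\s*=", re.IGNORECASE)

def emits_active_markup(rendered):
    return _ACTIVE_MARKUP.search(rendered) is not None

def audit(renderer, posts):
    """Return the authors whose posts the given renderer turns into active markup."""
    return [p["author"] for p in posts if emits_active_markup(renderer(p))]

if __name__ == "__main__":
    print("unsafe renderer flags:", audit(render_post_unsafe, STORED_POSTS))  # ['mallory']
    print("safe renderer flags:  ", audit(render_post_safe, STORED_POSTS))    # []
    # Encoding is lossless for display: decoding the safe body gives bob's text back.
    safe_bob = html.escape(STORED_POSTS[2]["body"], quote=True)
    print(html.unescape(safe_bob) == STORED_POSTS[2]["body"])  # True
```

Bob's post shows the other half of the point: encoding does not mangle legitimate quotes and ampersands, it only stops them from being parsed as HTML.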
According to wikipedia.org:
XSS worms exploit a vulnerability known within a website, normally infecting users, whereas other users can be infected in a variety of ways depending on the vulnerability.
Cross-site scripting vulnerabilities are commonly exploited in the form of worms on popular social or commercial websites, such as MySpace, Yahoo!, Orkut, Justin.tv, and Twitter. These worms can be used for malicious intent, giving an attacker the basis to steal personal information, cookies, and other relevant data regarding the website or the infected visitor.
In the case of the Samy worm, the largest known XSS worm which infected over 1 million MySpace profiles in less than 20 hours, the virus author was sued and entered a plea agreement to a felony charge.
XSS worms start with a payload. This payload will normally be placed within sensitive user data or requested from other websites to the author’s intent. General application of the XSS worm concept includes the infection of profiles, chat systems, and more.