Labels

algorithms (22) Design Patterns (20) java (19) linux (14) Snippet (13) service mix (6) soa (4)

Cross-Site Scripting (XSS)

  • A web site may be vulnerable if there is a provision for a user to enter javascript through input fields and the inserted data is viewed by another webpage in HTML tags (not in TextArea or TextFields).
  • If there is such a case of displaying the data on a webpage, then the attacker can input the malicious script into database, which hijacks the cookie or session information when executed.
  • When we see the inputted data through another webpage - the script runs, collects the session info and passes the info to the attacker’s website.

An User can be tricked to click a hyperlink, which upon clicking inserts the script into application and executes in application domain bypassing the browser security restrictions.

Ex:

1) WebApp runs on http://webappdomain/webapp/ and a User is logged in.

2) From another website/email or from any other source, a user can be tricked to click the following url.

3) The hyperlink with script if clicked, can execute the script under the domain (webappdomain/webapp/).


<a href="”http://webappdomain/webapp/getdetails?clientno="1&station="1&code="1<SCRIPT">alert(’Hi’); </script>”>http://webappdomain/webapp/xxxx.jsp</a>



4) If the page, which is loaded by the above click, prints the parameter ‘code’ on the webpage, then the scripts gets injected into the webpage and executes.

No comments:

Post a Comment

Search 24 Bytes