Cross-Site Scripting Travis Deyarmin.


What is XSS
Web app vulnerability
Allows an attacker's script to run in other users' browsers, with the privileges of the vulnerable site
A form of code injection
Can vary in impact

Different XSS
Persistent (stored)
  Stored by the server
  Runs whenever the page is loaded
  Can be coupled with viruses/worms
  Usually more severe
Reflected
  Much more common
  Harder to leverage into a deeper exploit
  Usually visible in the URL

What this means to Network Security
XSS can be used to steal user or admin passwords or session cookies
A stolen admin session can then be used to upload malware or otherwise compromise the server

Capabilities
The sky is the limit, or rather your imagination is the limit
XSS can be used in conjunction with phishing, SQL and HTML injection, and/or viruses and worms
Session hijacking

Stored XSS: Session Hijacking

Time for a Demo!
Basic test vector (String.fromCharCode(88,83,83) evaluates to "XSS", so the literal word never appears in the input):
<SCRIPT>alert(String.fromCharCode(88,83,83))</SCRIPT>
Polyglot vector: each segment breaks out of a different context (single- and double-quoted JavaScript strings, an HTML comment, an attribute value, a tag), so the same string fires wherever it is reflected:
';alert(String.fromCharCode(88,83,83))//\';alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//\";alert(String.fromCharCode(88,83,83))//--></SCRIPT>">'><SCRIPT>alert(String.fromCharCode(88,83,83))</SCRIPT>

Time for a Demo! (Example / Example2: demo links on the original slide)
Vector with no <SCRIPT> tag, delivered in a URL parameter (the + signs are URL-encoded spaces); the character codes decode to "This is a proof of concept XSS attack :)":
"><img+onerror="alert(String.fromCharCode(84,104,105,115,32,105,115,32,97,32,112,114,111,111,102,32,111,102,32,99,111,110,99,101,112,116,32,88,83,83,32,97,116,116,97,99,107,32,58,41))"+src="blah.png">
The leading "> closes the attribute and tag the input lands in; the image's src fails to load, so the browser runs the onerror handler.

Prevention
If this is so easy to do, how can I protect my site?
Stored functions that eliminate certain tags
Filters
Magic Quotes
Caveat: PHP's magic quotes (removed in PHP 5.4) only put backslashes before quote characters, which was aimed at SQL; they do nothing for XSS. What reliably stops XSS is encoding user data for the context it is written into (for example htmlspecialchars in PHP for the HTML body), rather than trying to recognise bad input.

Filtering
White listing
  Saying only alphanumeric characters and certain punctuation are allowed
  May annoy legitimate users who are trying, let's say, to use a contraction but the single quote is being blocked
Black listing
  Blocking tags like <SCRIPT> or the alert function in JavaScript
  This leaves open attacks that are disguised as images (or whatever else the attacker may think of)

Circumventing filters
If, say, the word "script" is filtered out, there are a few ways around this.
If the filter is case-sensitive, alternating case gets around it. Ex. sCrIpT
If the filter only runs once, place the word inside itself: removing the inner copy leaves the outer one. Ex. scrSCRIPTipt

Circumventing cont'
Encode the payload as Unicode or hex escapes, or combine several vectors in one string (as in the polyglot on the demo slide)
Padding (usually a long run of A's) with the payload and vector attached to the end of the string, so a filter that only inspects the first part of the input never sees the payload; despite the slide's wording this is a length-limit bypass, not a memory-corruption buffer overflow
HTML entities. Ex. &lt; for < , &amp; for &
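The blacklist filters from the Filtering slide, run against the bypasses from the two Circumventing slides, alongside output encoding. This is an added example, not code from the presentation: the three filter functions, `escapeHtml`, the `looksLikeMarkup` heuristic and `survivors` are all invented for this demo, and the test vectors are the slides' own or built from the techniques the slides describe.

```javascript
// Added example (not from the slides): blacklist filters vs. the bypasses
// on the "Circumventing filters" slides, next to output encoding.
// Run with: node filter_bypass.js

// Test vectors. The first is the slides' own (String.fromCharCode(88,83,83)
// is "XSS"); the rest apply the bypass techniques from the slides.
const PAYLOADS = [
  '<SCRIPT>alert(String.fromCharCode(88,83,83))</SCRIPT>',
  '<sCrIpT>alert(1)</sCrIpT>',                 // alternating case
  '<scrSCRIPTipt>alert(1)</scrSCRIPTipt>',     // keyword nested in itself
  '"><img onerror="alert(1)" src="blah.png">', // no "script" anywhere
];

// Blacklist 1: removes every literal "script", but case-sensitively.
// Beaten by sCrIpT (and by plain SCRIPT).
function caseSensitiveFilter(input) {
  return input.replace(/script/g, '');
}

// Blacklist 2: case-insensitive, but applied only once.
// Removing the inner SCRIPT from scrSCRIPTipt leaves "script" behind.
function singlePassFilter(input) {
  return input.replace(/script/i, '');
}

// Blacklist 3: case-insensitive and repeated until nothing changes.
// Still blind to vectors that never use the word, e.g. <img onerror>.
function repeatedFilter(input) {
  let out = input;
  let prev;
  do {
    prev = out;
    out = out.replace(/script/gi, '');
  } while (out !== prev);
  return out;
}

// Output encoding for the HTML body context: the characters that can change
// HTML structure become entities, so the browser shows them as text. This
// neutralises all four vectors without knowing anything about them.
function escapeHtml(input) {
  return input.replace(/[&<>"']/g, (c) => ({
    '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;',
  }[c]));
}

// Demo heuristic only: does the string still contain an HTML start tag
// ("<" + letter ... ">")? Real detection needs an HTML parser.
function looksLikeMarkup(html) {
  return /<[a-z][^>]*>/i.test(html);
}

// One boolean per payload: true means the vector survived the defence.
function survivors(defence) {
  return PAYLOADS.map((p) => looksLikeMarkup(defence(p)));
}

for (const [name, fn] of Object.entries({
  caseSensitiveFilter, singlePassFilter, repeatedFilter, escapeHtml,
})) {
  console.log(name.padEnd(20), survivors(fn));
}
```

Each blacklist stops strictly fewer vectors than the next, and none stops the <img onerror> vector, because it never contains the forbidden word; the encoder stops all four because it changes the characters that make the browser see markup, whatever word the payload uses.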

Sources
OWASP Top 10 Vulnerabilities
The Web Application Hacker's Handbook
Wikipedia
Zack Garcia