SlideShare a Scribd company logo

logout.php Session Data after Logout Username Email . $_.docx

Download as DOCX, PDF
S
smile790243

The document discusses cross-site scripting (XSS) vulnerabilities, detailing their types (non-persistent, persistent, and DOM-based) and the potential risks associated with them, such as account hijacking and data compromise. It emphasizes the importance of employing security measures during the application development phase, including proper input validation and encoding practices to prevent such attacks. Recommendations for mitigating XSS vulnerabilities are provided, including using vetted libraries, enforcing server-side checks, and adopting a whitelist approach for input validation.

Education
1 of 9
Download to read offline
1
2
3
4
5
6
7
8
9
logout.php Session Data after Logout Username Email " . $_SESSION['appusername'] . " " . "" . $_SESSION['appemail'] . " "; ?> ZAP Scanning Report for loginAuthReport.odt ZAP Scanning Report Summary of Alerts Risk Level Number of Alerts High 2 Medium 1 Low 5 Informational 3 Alert Detail High (Warning) Cross Site Scripting (Reflected) Description Cross-site Scripting (XSS) is an attack technique that involves echoing attacker-supplied code into a user's browser instance. A browser instance can be a standard web browser client, or a
browser object embedded in a software product such as the browser within WinAmp, an RSS reader, or an email client. The code itself is usually written in HTML/JavaScript, but may also extend to VBScript, ActiveX, Java, Flash, or any other browser- supported technology. When an attacker gets a user's browser to execute his/her code, the code will run within the security context (or zone) of the hosting web site. With this level of privilege, the code has the ability to read, modify and transmit any sensitive data accessible by the browser. A Cross-site Scripted user could have his/her account hijacked (cookie theft), their browser redirected to another location, or possibly shown fraudulent content delivered by the web site they are visiting. Cross-site Scripting attacks essentially compromise the trust relationship between a user and the web site. Applications utilizing browser object instances which load content from the file system may execute code under the local machine zone allowing for system compromise. There are three types of Cross-site Scripting attacks: non- persistent, persistent and DOM-based. Non-persistent attacks and DOM-based attacks require a user to either visit a specially crafted link laced with malicious code, or visit a malicious web page containing a web form, which when posted to the vulnerable site, will mount the attack. Using a malicious form will oftentimes take place when the vulnerable resource only accepts HTTP POST requests. In such a case, the form can be submitted automatically, without the victim's knowledge (e.g. by using JavaScript). Upon clicking on the malicious link or submitting the malicious form, the XSS payload will get echoed back and will get interpreted by the user's browser and execute. Another technique to send almost arbitrary requests (GET and POST) is by using an embedded client, such as Adobe Flash. Persistent attacks occur when the malicious code is submitted to a web site where it's stored for a period of time. Examples of an attacker's favorite targets often include message board posts,
web mail messages, and web chat software. The unsuspecting user is not required to interact with any additional site/link (e.g. an attacker site or a malicious link sent via email), just simply view the web page containing the code. URL http://localhost/week4/authcheck.php Parameter username Attack </td><script>alert(1);</script><td> Solution Phase: Architecture and Design Use a vetted library or framework that does not allow this weakness to occur or provides constructs that make this weakness easier to avoid. Examples of libraries and frameworks that make it easier to generate properly encoded output include Microsoft's Anti-XSS library, the OWASP ESAPI Encoding module, and Apache Wicket. Phases: Implementation; Architecture and Design Understand the context in which your data will be used and the encoding that will be expected. This is especially important when transmitting data between different components, or when
generating outputs that can contain multiple encodings at the same time, such as web pages or multi-part mail messages. Study all expected communication protocols and data representations to determine the required encoding strategies. For any data that will be output to another web page, especially any data that was received from external inputs, use the appropriate encoding on all non-alphanumeric characters. Consult the XSS Prevention Cheat Sheet for more details on the types of encoding and escaping that are needed. Phase: Architecture and Design For any security checks that are performed on the client side, ensure that these checks are duplicated on the server side, in order to avoid CWE-602. Attackers can bypass the client-side checks by modifying values after the checks have been performed, or by changing the client to remove the client-side checks entirely. Then, these modified values would be submitted to the server. If available, use structured mechanisms that automatically enforce the separation between data and code. These mechanisms may be able to provide the relevant quoting, encoding, and validation automatically, instead of relying on the developer to provide this capability at every point where output is generated. Phase: Implementation For every web page that is generated, use and specify a
character encoding such as ISO-8859-1 or UTF-8. When an encoding is not specified, the web browser may choose a different encoding by guessing which encoding is actually being used by the web page. This can cause the web browser to treat certain sequences as special, opening up the client to subtle XSS attacks. See CWE-116 for more mitigations related to encoding/escaping. To help mitigate XSS attacks against the user's session cookie, set the session cookie to be HttpOnly. In browsers that support the HttpOnly feature (such as more recent versions of Internet Explorer and Firefox), this attribute can prevent the user's session cookie from being accessible to malicious client-side scripts that use document.cookie. This is not a complete solution, since HttpOnly is not supported by all browsers. More importantly, XMLHTTPRequest and other powerful browser technologies provide read access to HTTP headers, including the Set-Cookie header in which the HttpOnly flag is set. Assume all input is malicious. Use an "accept known good" input validation strategy, i.e., use a whitelist of acceptable inputs that strictly conform to specifications. Reject any input that does not strictly conform to specifications, or transform it into something that does. Do not rely exclusively on looking for malicious or malformed inputs (i.e., do not rely on a blacklist). However, blacklists can be useful for detecting potential attacks or determining which inputs are so malformed that they should
be rejected outright. When performing input validation, consider all potentially relevant properties, including length, type of input, the full range of acceptable values, missing or extra inputs, syntax, consistency across related fields, and conformance to business rules. As an example of business rule logic, "boat" may be syntactically valid because it only contains alphanumeric characters, but it is not valid if you are expecting colors such as "red" or "blue." Ensure that you perform input validation at well-defined interfaces within the application. This will help protect the application even if a component is reused or moved elsewhere. Reference http://projects.webappsec.org/Cross-Site-Scripting http://cwe.mitre.org/data/definitions/79.html CWE Id 79 WASC Id 8 High (Warning) Cross Site Scripting (Reflected) Description Cross-site Scripting (XSS) is an attack technique that involves echoing attacker-supplied code into a user's browser instance. A browser instance can be a standard web browser client, or a
browser object embedded in a software product such as the browser within WinAmp, an RSS reader, or an email client. The code itself is usually written in HTML/JavaScript, but may also extend to VBScript, ActiveX, Java, Flash, or any other browser- supported technology. When an attacker gets a user's browser to execute his/her code, the code will run within the security context (or zone) of the hosting web site. With this level of privilege, the code has the ability to read, modify and transmit any sensitive data accessible by the browser. A Cross-site Scripted user could have his/her account hijacked (cookie theft), their browser redirected to another location, or possibly shown fraudulent content delivered by the web site they are visiting. Cross-site Scripting attacks essentially compromise the trust relationship between a user and the web site. Applications utilizing browser object instances which load content from the file system may execute code under the local machine zone allowing for system compromise. There are three types of Cross-site Scripting attacks: non- persistent, persistent and DOM-based. Non-persistent attacks and DOM-based attacks require a user to either visit a specially crafted link laced with malicious code, or visit a malicious web page containing a web form, which when posted to the vulnerable site, will mount the attack. Using a malicious form will oftentimes take place when the vulnerable
resource only accepts HTTP POST requests. In such a case, the form can be submitted automatically, without the victim's knowledge (e.g. by using JavaScript). Upon clicking on the malicious link or submitting the malicious form, the XSS payload will get echoed back and will get interpreted by the user's browser and execute. Another technique to send almost arbitrary requests (GET and POST) is by using an embedded client, such as Adobe Flash. Persistent attacks occur when the malicious code is submitted to a web site where it's stored for a period of time. Examples of an attacker's favorite targets often include message board posts, web mail messages, and web chat software. The unsuspecting user is not required to interact with any additional site/link (e.g. an attacker site or a malicious link sent via email), just simply view the web page containing the code. URL http://localhost/week4/authcheck.php Parameter emailadd Attack </td><script>alert(1);</script><td>
logout.php Session Data after Logout Username Email . $_.docx

More Related Content

Similar to logout.php Session Data after Logout Username Email . $_.docx (20)

DOCX
Pantallas escaneo Sitio Web
andres1422
 
PDF
IRJET- A Survey on Various Cross-Site Scripting Attacks and Few Prevention Ap...
IRJET Journal
 
PDF
Web Vulnerabilities And Exploitation - Compromising The Web
Zero Science Lab
 
PPTX
15 owasp top 10 - a3-xss
appsec
 
PPTX
Cross Site Scripting ( XSS)
Amit Tyagi
 
PDF
Be Afraid. Be Very Afraid. Javascript security, XSS & CSRF
Mark Stanton
 
PPTX
Reflective and Stored XSS- Cross Site Scripting
InMobi Technology
 
PDF
Session7-XSS & CSRF
zakieh alizadeh
 
PPT
Security Vulnerabilities
Marius Vorster
 
PPT
Application Security
nirola
 
PPTX
Cross site scripting
kinish kumar
 
PPTX
OWASP top 10-2013
tmd800
 
PDF
Introduction to Cross Site Scripting ( XSS )
Irfad Imtiaz
 
PDF
Study of Cross-Site Scripting Attacks and Their Countermeasures
Editor IJCATR
 
PPTX
WEB APPLICATION SECURITY
yashwanthlavu
 
PDF
CNIT 129S: 12: Attacking Users: Cross-Site Scripting (Part 1 of 2)
Sam Bowne
 
PDF
xss-100908063522-phpapp02.pdf
yashvirsingh48
 
PPT
XSS Primer - Noob to Pro in 1 hour
snoopythesecuritydog
 
PDF
XSS Exploitation
Hacking Articles
 
PPT
Cross site scripting (xss)
Manish Kumar
 
Pantallas escaneo Sitio Web
andres1422
 
IRJET- A Survey on Various Cross-Site Scripting Attacks and Few Prevention Ap...
IRJET Journal
 
Web Vulnerabilities And Exploitation - Compromising The Web
Zero Science Lab
 
15 owasp top 10 - a3-xss
appsec
 
Cross Site Scripting ( XSS)
Amit Tyagi
 
Be Afraid. Be Very Afraid. Javascript security, XSS & CSRF
Mark Stanton
 
Reflective and Stored XSS- Cross Site Scripting
InMobi Technology
 
Session7-XSS & CSRF
zakieh alizadeh
 
Security Vulnerabilities
Marius Vorster
 
Application Security
nirola
 
Cross site scripting
kinish kumar
 
OWASP top 10-2013
tmd800
 
Introduction to Cross Site Scripting ( XSS )
Irfad Imtiaz
 
Study of Cross-Site Scripting Attacks and Their Countermeasures
Editor IJCATR
 
WEB APPLICATION SECURITY
yashwanthlavu
 
CNIT 129S: 12: Attacking Users: Cross-Site Scripting (Part 1 of 2)
Sam Bowne
 
xss-100908063522-phpapp02.pdf
yashvirsingh48
 
XSS Primer - Noob to Pro in 1 hour
snoopythesecuritydog
 
XSS Exploitation
Hacking Articles
 
Cross site scripting (xss)
Manish Kumar
 

More from smile790243 (20)

DOCX
PART B Please response to these two original posts below. Wh.docx
smile790243
 
DOCX
Part C Developing Your Design SolutionThe Production Cycle.docx
smile790243
 
DOCX
PART A You will create a media piece based around the theme of a.docx
smile790243
 
DOCX
Part 4. Implications to Nursing Practice & Implication to Patien.docx
smile790243
 
DOCX
PART AHepatitis C is a chronic liver infection that can be e.docx
smile790243
 
DOCX
Part A post your answer to the following question1. How m.docx
smile790243
 
DOCX
PART BPlease response to these two original posts below..docx
smile790243
 
DOCX
Part A (50 Points)Various men and women throughout history .docx
smile790243
 
DOCX
Part A1. K2. D3. N4. C5. A6. O7. F8. Q9. H10..docx
smile790243
 
DOCX
Part A Develop an original age-appropriate activity for your .docx
smile790243
 
DOCX
Part 3 Social Situations2. Identify multicultural challenges th.docx
smile790243
 
DOCX
Part A (1000 words) Annotated Bibliography - Create an annota.docx
smile790243
 
DOCX
Part 6 Disseminating Results Create a 5-minute, 5- to 6-sli.docx
smile790243
 
DOCX
Part 3 Social Situations • Proposal paper which identifies multicul.docx
smile790243
 
DOCX
Part 3 Social Situations 2. Identify multicultural challenges that .docx
smile790243
 
DOCX
Part 2The client is a 32-year-old Hispanic American male who c.docx
smile790243
 
DOCX
Part 2For this section of the template, focus on gathering deta.docx
smile790243
 
DOCX
Part 2 Observation Summary and Analysis • Summary paper of observat.docx
smile790243
 
DOCX
Part 2 Observation Summary and Analysis 1. Review and implement any.docx
smile790243
 
DOCX
Part 2Data collectionfrom your change study initiative,.docx
smile790243
 
PART B Please response to these two original posts below. Wh.docx
smile790243
 
Part C Developing Your Design SolutionThe Production Cycle.docx
smile790243
 
PART A You will create a media piece based around the theme of a.docx
smile790243
 
Part 4. Implications to Nursing Practice & Implication to Patien.docx
smile790243
 
PART AHepatitis C is a chronic liver infection that can be e.docx
smile790243
 
Part A post your answer to the following question1. How m.docx
smile790243
 
PART BPlease response to these two original posts below..docx
smile790243
 
Part A (50 Points)Various men and women throughout history .docx
smile790243
 
Part A1. K2. D3. N4. C5. A6. O7. F8. Q9. H10..docx
smile790243
 
Part A Develop an original age-appropriate activity for your .docx
smile790243
 
Part 3 Social Situations2. Identify multicultural challenges th.docx
smile790243
 
Part A (1000 words) Annotated Bibliography - Create an annota.docx
smile790243
 
Part 6 Disseminating Results Create a 5-minute, 5- to 6-sli.docx
smile790243
 
Part 3 Social Situations • Proposal paper which identifies multicul.docx
smile790243
 
Part 3 Social Situations 2. Identify multicultural challenges that .docx
smile790243
 
Part 2The client is a 32-year-old Hispanic American male who c.docx
smile790243
 
Part 2For this section of the template, focus on gathering deta.docx
smile790243
 
Part 2 Observation Summary and Analysis • Summary paper of observat.docx
smile790243
 
Part 2 Observation Summary and Analysis 1. Review and implement any.docx
smile790243
 
Part 2Data collectionfrom your change study initiative,.docx
smile790243
 
Ad

Recently uploaded (20)

PPTX
Views on Education of Indian Thinkers Mahatma Gandhi.pptx
ShrutiMahanta1
 
PPTX
Capitol Doctoral Presentation -July 2025.pptx
CapitolTechU
 
PDF
BÀI TẬP BỔ TRỢ THEO LESSON TIẾNG ANH - I-LEARN SMART WORLD 7 - CẢ NĂM - CÓ ĐÁ...
Nguyen Thanh Tu Collection
 
PPTX
SCHOOL-BASED SEXUAL HARASSMENT PREVENTION AND RESPONSE WORKSHOP
komlalokoe
 
PPTX
PPT on the Development of Education in the Victorian England
Beena E S
 
PPTX
2025 Winter SWAYAM NPTEL & A Student.pptx
Utsav Yagnik
 
PPTX
Optimizing Cancer Screening With MCED Technologies: From Science to Practical...
i3 Health
 
PDF
The-Beginnings-of-Indian-Civilisation.pdf/6th class new ncert social/by k san...
Sandeep Swamy
 
PPTX
Optimizing Cancer Screening With MCED Technologies: From Science to Practical...
i3 Health
 
PPTX
Explorando Recursos do Summer '25: Dicas Essenciais - 02
Mauricio Alexandre Silva
 
PPTX
Latest Features in Odoo 18 - Odoo slides
Celine George
 
PPTX
Unit 2 COMMERCIAL BANKING, Corporate banking.pptx
AnubalaSuresh1
 
PDF
ARAL-Orientation_Morning-Session_Day-11.pdf
JoelVilloso1
 
PPTX
How to Configure Prepayments in Odoo 18 Sales
Celine George
 
PPTX
How to Manage Access Rights & User Types in Odoo 18
Celine George
 
PDF
CEREBRAL PALSY: NURSING MANAGEMENT .pdf
PRADEEP ABOTHU
 
PDF
community health nursing question paper 2.pdf
Prince kumar
 
PPTX
How to Configure Storno Accounting in Odoo 18 Accounting
Celine George
 
PPTX
Nutri-QUIZ-Bee-Elementary.pptx...................
ferdinandsanbuenaven
 
PPTX
HYDROCEPHALUS: NURSING MANAGEMENT .pptx
PRADEEP ABOTHU
 
Views on Education of Indian Thinkers Mahatma Gandhi.pptx
ShrutiMahanta1
 
Capitol Doctoral Presentation -July 2025.pptx
CapitolTechU
 
BÀI TẬP BỔ TRỢ THEO LESSON TIẾNG ANH - I-LEARN SMART WORLD 7 - CẢ NĂM - CÓ ĐÁ...
Nguyen Thanh Tu Collection
 
SCHOOL-BASED SEXUAL HARASSMENT PREVENTION AND RESPONSE WORKSHOP
komlalokoe
 
PPT on the Development of Education in the Victorian England
Beena E S
 
2025 Winter SWAYAM NPTEL & A Student.pptx
Utsav Yagnik
 
Optimizing Cancer Screening With MCED Technologies: From Science to Practical...
i3 Health
 
The-Beginnings-of-Indian-Civilisation.pdf/6th class new ncert social/by k san...
Sandeep Swamy
 
Optimizing Cancer Screening With MCED Technologies: From Science to Practical...
i3 Health
 
Explorando Recursos do Summer '25: Dicas Essenciais - 02
Mauricio Alexandre Silva
 
Latest Features in Odoo 18 - Odoo slides
Celine George
 
Unit 2 COMMERCIAL BANKING, Corporate banking.pptx
AnubalaSuresh1
 
ARAL-Orientation_Morning-Session_Day-11.pdf
JoelVilloso1
 
How to Configure Prepayments in Odoo 18 Sales
Celine George
 
How to Manage Access Rights & User Types in Odoo 18
Celine George
 
CEREBRAL PALSY: NURSING MANAGEMENT .pdf
PRADEEP ABOTHU
 
community health nursing question paper 2.pdf
Prince kumar
 
How to Configure Storno Accounting in Odoo 18 Accounting
Celine George
 
Nutri-QUIZ-Bee-Elementary.pptx...................
ferdinandsanbuenaven
 
HYDROCEPHALUS: NURSING MANAGEMENT .pptx
PRADEEP ABOTHU
 
Ad

logout.php Session Data after Logout Username Email . $_.docx

  • 1. logout.php Session Data after Logout Username Email " . $_SESSION['appusername'] . " " . "" . $_SESSION['appemail'] . " "; ?> ZAP Scanning Report for loginAuthReport.odt ZAP Scanning Report Summary of Alerts Risk Level Number of Alerts High 2 Medium 1 Low 5 Informational 3 Alert Detail High (Warning) Cross Site Scripting (Reflected) Description Cross-site Scripting (XSS) is an attack technique that involves echoing attacker-supplied code into a user's browser instance. A browser instance can be a standard web browser client, or a
  • 2. browser object embedded in a software product such as the browser within WinAmp, an RSS reader, or an email client. The code itself is usually written in HTML/JavaScript, but may also extend to VBScript, ActiveX, Java, Flash, or any other browser- supported technology. When an attacker gets a user's browser to execute his/her code, the code will run within the security context (or zone) of the hosting web site. With this level of privilege, the code has the ability to read, modify and transmit any sensitive data accessible by the browser. A Cross-site Scripted user could have his/her account hijacked (cookie theft), their browser redirected to another location, or possibly shown fraudulent content delivered by the web site they are visiting. Cross-site Scripting attacks essentially compromise the trust relationship between a user and the web site. Applications utilizing browser object instances which load content from the file system may execute code under the local machine zone allowing for system compromise. There are three types of Cross-site Scripting attacks: non- persistent, persistent and DOM-based. Non-persistent attacks and DOM-based attacks require a user to either visit a specially crafted link laced with malicious code, or visit a malicious web page containing a web form, which when posted to the vulnerable site, will mount the attack. Using a malicious form will oftentimes take place when the vulnerable resource only accepts HTTP POST requests. In such a case, the form can be submitted automatically, without the victim's knowledge (e.g. by using JavaScript). Upon clicking on the malicious link or submitting the malicious form, the XSS payload will get echoed back and will get interpreted by the user's browser and execute. Another technique to send almost arbitrary requests (GET and POST) is by using an embedded client, such as Adobe Flash. Persistent attacks occur when the malicious code is submitted to a web site where it's stored for a period of time. Examples of an attacker's favorite targets often include message board posts,
  • 3. web mail messages, and web chat software. The unsuspecting user is not required to interact with any additional site/link (e.g. an attacker site or a malicious link sent via email), just simply view the web page containing the code. URL http://localhost/week4/authcheck.php Parameter username Attack </td><script>alert(1);</script><td> Solution Phase: Architecture and Design Use a vetted library or framework that does not allow this weakness to occur or provides constructs that make this weakness easier to avoid. Examples of libraries and frameworks that make it easier to generate properly encoded output include Microsoft's Anti-XSS library, the OWASP ESAPI Encoding module, and Apache Wicket. Phases: Implementation; Architecture and Design Understand the context in which your data will be used and the encoding that will be expected. This is especially important when transmitting data between different components, or when
  • 4. generating outputs that can contain multiple encodings at the same time, such as web pages or multi-part mail messages. Study all expected communication protocols and data representations to determine the required encoding strategies. For any data that will be output to another web page, especially any data that was received from external inputs, use the appropriate encoding on all non-alphanumeric characters. Consult the XSS Prevention Cheat Sheet for more details on the types of encoding and escaping that are needed. Phase: Architecture and Design For any security checks that are performed on the client side, ensure that these checks are duplicated on the server side, in order to avoid CWE-602. Attackers can bypass the client-side checks by modifying values after the checks have been performed, or by changing the client to remove the client-side checks entirely. Then, these modified values would be submitted to the server. If available, use structured mechanisms that automatically enforce the separation between data and code. These mechanisms may be able to provide the relevant quoting, encoding, and validation automatically, instead of relying on the developer to provide this capability at every point where output is generated. Phase: Implementation For every web page that is generated, use and specify a
  • 5. character encoding such as ISO-8859-1 or UTF-8. When an encoding is not specified, the web browser may choose a different encoding by guessing which encoding is actually being used by the web page. This can cause the web browser to treat certain sequences as special, opening up the client to subtle XSS attacks. See CWE-116 for more mitigations related to encoding/escaping. To help mitigate XSS attacks against the user's session cookie, set the session cookie to be HttpOnly. In browsers that support the HttpOnly feature (such as more recent versions of Internet Explorer and Firefox), this attribute can prevent the user's session cookie from being accessible to malicious client-side scripts that use document.cookie. This is not a complete solution, since HttpOnly is not supported by all browsers. More importantly, XMLHTTPRequest and other powerful browser technologies provide read access to HTTP headers, including the Set-Cookie header in which the HttpOnly flag is set. Assume all input is malicious. Use an "accept known good" input validation strategy, i.e., use a whitelist of acceptable inputs that strictly conform to specifications. Reject any input that does not strictly conform to specifications, or transform it into something that does. Do not rely exclusively on looking for malicious or malformed inputs (i.e., do not rely on a blacklist). However, blacklists can be useful for detecting potential attacks or determining which inputs are so malformed that they should
  • 6. be rejected outright. When performing input validation, consider all potentially relevant properties, including length, type of input, the full range of acceptable values, missing or extra inputs, syntax, consistency across related fields, and conformance to business rules. As an example of business rule logic, "boat" may be syntactically valid because it only contains alphanumeric characters, but it is not valid if you are expecting colors such as "red" or "blue." Ensure that you perform input validation at well-defined interfaces within the application. This will help protect the application even if a component is reused or moved elsewhere. Reference http://projects.webappsec.org/Cross-Site-Scripting http://cwe.mitre.org/data/definitions/79.html CWE Id 79 WASC Id 8 High (Warning) Cross Site Scripting (Reflected) Description Cross-site Scripting (XSS) is an attack technique that involves echoing attacker-supplied code into a user's browser instance. A browser instance can be a standard web browser client, or a
  • 7. browser object embedded in a software product such as the browser within WinAmp, an RSS reader, or an email client. The code itself is usually written in HTML/JavaScript, but may also extend to VBScript, ActiveX, Java, Flash, or any other browser- supported technology. When an attacker gets a user's browser to execute his/her code, the code will run within the security context (or zone) of the hosting web site. With this level of privilege, the code has the ability to read, modify and transmit any sensitive data accessible by the browser. A Cross-site Scripted user could have his/her account hijacked (cookie theft), their browser redirected to another location, or possibly shown fraudulent content delivered by the web site they are visiting. Cross-site Scripting attacks essentially compromise the trust relationship between a user and the web site. Applications utilizing browser object instances which load content from the file system may execute code under the local machine zone allowing for system compromise. There are three types of Cross-site Scripting attacks: non- persistent, persistent and DOM-based. Non-persistent attacks and DOM-based attacks require a user to either visit a specially crafted link laced with malicious code, or visit a malicious web page containing a web form, which when posted to the vulnerable site, will mount the attack. Using a malicious form will oftentimes take place when the vulnerable
  • 8. resource only accepts HTTP POST requests. In such a case, the form can be submitted automatically, without the victim's knowledge (e.g. by using JavaScript). Upon clicking on the malicious link or submitting the malicious form, the XSS payload will get echoed back and will get interpreted by the user's browser and execute. Another technique to send almost arbitrary requests (GET and POST) is by using an embedded client, such as Adobe Flash. Persistent attacks occur when the malicious code is submitted to a web site where it's stored for a period of time. Examples of an attacker's favorite targets often include message board posts, web mail messages, and web chat software. The unsuspecting user is not required to interact with any additional site/link (e.g. an attacker site or a malicious link sent via email), just simply view the web page containing the code. URL http://localhost/week4/authcheck.php Parameter emailadd Attack </td><script>alert(1);</script><td>