Xss ppt
- 1. Cross-Site Scripting The most prevalent web application risk
- 2. What damage can XSS cause? Attacker can execute scripts in a victim’s browser to hijack user sessions, deface websites, insert hostile content, redirect users, hijack the user’s browser using malware, etc.
- 3. What kind of applications are vulnerable to XSS attacks? Whenever it takes untrusted user data and sends it to a web browser. WASC revealed that 58% of the applications are vulnerable to XSS.
- 4. Types of XSS 1, Reflected XSS 2. Stored XSS 3. DOM based XSS
- 5. Terminology Active content – Malicious data embedded in user. Input which should always be text. Malicious data – Attacker embedded JavaScript in user input. Injected code – same as malicious data. Payload – same as malicious data. Script – JavaScriptUser input – User supplied data like recipient email address. Untrusted data – same as user data.
- 6. Reflected XSS Reflected XSS attacks, also known as non-persistent attacks, occur when a malicious script is reflected off of a web application to the victim's browser. The script is activated through a link, which sends a request to a website with a vulnerability that enables execution of malicious scripts.
- 8. Impact of Reflected XSS attacks If an attacker can control a script that is executed in the victim's browser, then they can typically fully compromise that user. Amongst other things, the attacker can: Perform any action within the application that the user can perform. View any information that the user is able to view. Modify any information that the user is able to modify. Initiate interactions with other application users, including malicious attacks, that will appear to originate from the initial victim user.
- 9. Stored XSS • Stored attacks are those where the injected script is permanently stored on the target servers, such as in a database, in a message forum, visitor log, comment field, etc. The victim then retrieves the malicious script from the server when it requests the stored information. Stored XSS is also sometimes referred to as Persistent XSS
- 10. Stored XSS
- 11. Impact of stored XSS attacks If an attacker can control a script that is executed in the victim's browser, then they can typically fully compromise that user. The attacker can carry out any of the actions that are applicable to the impact of reflected XSS vulnerabilities. In terms of exploitability, the key difference between reflected and stored XSS is that a stored XSS vulnerability enables attacks that are self-contained within the application itself. The attacker does not need to find an external way of inducing other users to make a particular request containing their exploit. Rather, the attacker places their exploit into the application itself and simply waits for users to encounter it
- 12. DOM Based XSS • DOM Based XSS (or as it is called in some texts, “type-0 XSS”) is an XSS attack wherein the attack payload is executed as a result of modifying the DOM “environment” in the victim's browser used by the original client side script, so that the client side code runs in an “unexpected” manner.
- 13. Dom Based XSS
- 14. Impact of DOM attacks • DOM XSS can have huge implications for a web application and its users. User accounts can be hijacked, credentials could be stolen, sensitive data could be exfiltrated, and lastly, access to your client computers can be obtained
- 15. How to Prevent Stored and Reflected XSS? 1. Validate input – be very strict 2. Validate output – use untrusted data for display only 3. Eliminate dangerous insertion points
- 16. How to Prevent DOM Based XSS? 1. Validate input 2. Avoid using untrusted data in sensitive client side actions 3. Analyze and harden client side JavaScript code
- 17. Thank You