What is a Cross-Site Scripting attack?
Malicious scripts are injected into the code of a web application (website, website database) through user-provided inputs.
The malicious scripts are executed in the victim's web browser.
- Attack by malicious code (payload) in legitimate web applications
- It is a JavaScript vulnerability in web applications
- The attacker can steal the active session cookie
Cross-site scripting is abbreviated as XSS.
Possible Consequences:
- The user's keystrokes are captured
- The user is redirected to a malicious website
- The browser can be crashed
- Cookie information of users who log in to the website is obtained
How does it work?
- The attacker needs a way to run malicious JavaScript code in the user's/victim's browser
- The attacker finds a way to inject malicious code into the vulnerable web page that the user visits
- When the web page loads in the end user's browser, the malicious script injected into the page executes
- Hackers use XSS to steal cookies. They can send the cookie to their own servers.
- The attacker injects the payload into the website database by submitting a vulnerable form with malicious JavaScript content.
- The end user or victim then requests the web page from the web server
- The victim's browser executes the code in the HTML body.
- The cookie is also sent to the attacker's server in an HTTP request
Types of cross-site scripting:
- Reflected XSS (malicious scripts come from the HTTP request)
- Stored XSS, also called persistent XSS (malicious scripts come from the website database)
- DOM-based XSS (happens due to a vulnerability in applications, client side)
What is Document Object Model (DOM)?
It is a programming interface for web documents: HTML and XML (Extensible Markup Language).
Does this type of attack occur on the client side or the server side?
It occurs on the client side: browser, applications, vulnerable website.
Entering scripts in a login username field or in blog comments.
Mitigation (how to reduce its effect):
- Input validation
- Sanitization of URLs
- Encode data
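The three mitigations listed above, applied to a single blog comment before it is placed into a page. This is an added example, not part of the original notes; the function names and the sample comment are assumptions constructed for illustration.

```javascript
// Added example: input validation, URL sanitization and output encoding
// for one blog comment. All function names here are illustrative.

// Encode data: turn HTML metacharacters into entities so the browser
// shows them as text instead of parsing them as markup.
const HTML_ENTITIES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ENTITIES[ch]);
}

// Sanitization of URLs: parse first, then allow only http(s). Anything else
// (javascript:, data:, unparsable input) is replaced with a harmless "#".
function sanitizeUrl(raw) {
  let parsed;
  try {
    parsed = new URL(String(raw).trim());
  } catch {
    return '#';
  }
  return ['http:', 'https:'].includes(parsed.protocol) ? parsed.href : '#';
}

// Input validation: allow-list of characters and length for a username.
function isValidUsername(name) {
  return typeof name === 'string' && /^[A-Za-z0-9_.-]{3,30}$/.test(name);
}

// Build the HTML fragment for a comment from untrusted fields.
function renderComment({ author, website, text }) {
  if (!isValidUsername(author)) {
    throw new Error('invalid username');
  }
  const href = escapeHtml(sanitizeUrl(website));
  return `<p><a href="${href}">${escapeHtml(author)}</a>: ${escapeHtml(text)}</p>`;
}

// Constructed sample input: a comment carrying script markup and a javascript: URL.
const sample = { author: 'alice_01', website: 'javascript:alert(1)', text: '<script>alert(1)</script>' };
console.log(renderComment(sample));
```

The encoding here covers HTML body and quoted-attribute contexts only; data placed inside a script block or a style needs encoding specific to that context.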
What is CSRF?
Cross-site request forgery: a web application vulnerability in which the server does not check whether a request was received from a trusted source or not. Whatever comes in, it just processes directly.
Difference between XSS and CSRF?
- XSS just needs a vulnerability. CSRF needs user interaction to execute the malicious script or link
- XSS is on the client side, CSRF on the server side.
CSRF is also called a one-click attack or session riding attack
Interview Questions:
What is XSS, and how do you mitigate cross-site scripting?
Answer: It is a JavaScript vulnerability in web applications. Inputs are processed without being validated.
So untrusted data will be stored without being validated.
Mitigation: Input validation, CSP (Content Security Policy)
Is XSS a client-side or server-side attack?
Answer: It is a client-side attack (web applications)