Hello TurkHackTeam members, in this thread, I'll do a detailed instruction about XSS (Cross Side Scripting, so without further ado let's get to the point.
- Subject Titles -
- What is XSS, What does it do ?
- What is doable with XSS ?
-What is the cause of XSS vulnerability ?
-What are XSS types ?
-How to protect ourselves from XSS vulnerability ?
What is XSS, What does it do ?
XSS (Cross Site Scripting is usually found in web applications.
It's a web security vulnerability that the attacker can use to run a malicious code array in victim's browser or that can directly damage the system. It makes it possible to inject client sided code to web sites that are viewed by the victim.
What are Doable With XSS ?
-With Javascript;
Via commonly used [email protected] we can obtain victim's session information. Via Ajax tool, we can save the victim's info on a remote data. Actually you can do everything that you can do with Javascript code, It's also a situation that's dependant on a bit of your imagination.
-With HTML;
As the easiest you can do data theft by planting a fake input. With Met@ Refre@SH, you can route it to a site that you want, shortly you can forward it however you want by using html and css
What is the cause of XSS vulnerability?
The mosic basic cause is, the inputs that are coming from users crossing without any process. These inputs are generally sent via get method or, cookie, session and id values.
What are XSS Types ?
XSS Attack types are seperated into 3.
-What is Reflected XSS ?
In this attack type, instead of the parameter that the victim expects, when the Javascript code enters, it's an XSS type to sent to a remote server which the attacker is in control of.
-What is DOM Based XSS ?
It appears in many programming languages like PHP, ASP.NET, it allows us to interfere by giving a hand to objects in the page. The filters that are applied Server Side usually don't work since it's a client based XSS type.
-What is Stored (Perisent) XSS ?
It's a permanent XSS type. It's an XSS variation that appears when we save datas to the database without scanning the data that we receive from the user, and appears when we visit later. As it being different from other XSS types, it's not necessary to contact the victim.
How To Protect Ourselves From XSS Vulnerability?
By not clicking directly on URLs that are sent to us, Incorporating the data included in the page with parameters on the backend side after passing through various filters will eliminate the threat of cross site scripting on your system. It might not be enough to only block characters in some cross-site scripting attack situations. For example when you block <script> tag, attacker can still peform cross site scripting attack by using parameters that allow running various javascript like onload or @n, @NVER, code to HTML code. Instead of character block, if it's required to give example from PHP systems, incorporating the data in the page after passing from functions like htmlspecialchars,strip_tags,trim will make your site more secure against attacks.
Source : https://www.turkhackteam.org/siber-guvenlik/1941236-xssi-detayli-bir-sekilde-ogrenelim.html
Translator : Vilge234
Translator : Vilge234
Moderatör tarafında düzenlendi:
