Computer Security: Cross-Site Scripting

Cross-site scripting (XSS)

What is it?
Essentially, the opposite of SQL injection.
The attack occurs in the input that is returned to the user.

The client is able to run scripts sent by the server as part of a database query.
The steps below explain the basic model:

  1. Attacker injects bad script into the victim server
  2. The victim requests content
  3. The victim receives the bad script
  4. Valuable data is stolen

Types of XSS
Non-persistent
  • Requires the user to visit a link specially crafted by the attacker
  • Code is executed when the link is visited

Persistent
  • Script injected by the attacker is stored on a secondary device (usually a database)
  • Less personal


Where can I see a demo?

The importance of Javascript
Client-side scripting language
Extends HTML
Code originates from the server side (and where does the attack in XSS occur…)
Browser interprets it at runtime

The use of a malicious script
When malicious code is attached as part of a search result, it:

  • Can ask for a username and password, which the attacker will receive
  • Can download viruses

And many more things…
One use is email spoofing: a fake bank email links to a script that steals user information.

[Image: cross-site scripting session hijacking]

Here, the attacker and the victim are part of the same session, meaning the victim's digital footsteps are tracked by the attacker.

Defences
HttpOnly cookies: eliminate JavaScript access to the cookie, so a script running in the page cannot read it.
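
The HttpOnly defence above, alongside the search-result case described earlier, as an added example that is not part of the original page. It also shows output encoding, a second defence the page does not list; the function names, the cookie name sid and the sample search term are assumptions constructed for illustration.

```javascript
// Added example (not from the original page). All names are hypothetical.

// Encode the five characters that let text break out of HTML element or
// attribute context.
function escapeHtml(text) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return String(text).replace(/[&<>"']/g, (ch) => map[ch]);
}

// Vulnerable: the search term is copied into the page as-is, so markup in the
// term becomes part of the document the browser interprets.
function renderSearchUnsafe(query) {
  return `<p>Results for: ${query}</p>`;
}

// Hardened: the search term is encoded, so the browser displays it as text.
function renderSearchSafe(query) {
  return `<p>Results for: ${escapeHtml(query)}</p>`;
}

// Session cookie with HttpOnly set: the browser sends it with requests but
// does not expose it through document.cookie, so a script running in the
// page cannot read the session id.
function sessionCookieHeader(sessionId) {
  const value = encodeURIComponent(sessionId);
  return `Set-Cookie: sid=${value}; HttpOnly; Secure; SameSite=Lax; Path=/`;
}

// Constructed sample input: a search term carrying a script element.
const sampleQuery = '<script>alert(1)</script>';

console.log(renderSearchUnsafe(sampleQuery)); // script element survives intact
console.log(renderSearchSafe(sampleQuery));   // rendered as harmless text
console.log(sessionCookieHeader('constructed-session-id'));
```

HttpOnly limits what an injected script can take; encoding the output stops the script from running in the first place, so the two are used together.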
