Cross-Site Scripting | Web application Vulnerability

In this article we're going to learn about cross-site scripting

In Order to learn web application security, we have to learn about web application vulnerabilities. And the first vulnerability we are going to discuss about is Cross-Site Scripting.

So, let’s see what is cross-site scripting?

What is Cross-Site scripting?

Cross-Site scripting also known as XSS is one of the most popular web application vulnerabilities out there.

XSS at its core takes advantage of the web application using scripts on the users’ browsers. Any dynamically created scripts that are executed put’s the website at risk because the scripts being executed can be contaminated or modified in a way to harm the user.

If the code is unsanitized and allowing all the characters in all the fields, so if any HTML or Javascript is present in such field can be executed without any consideration.

Cross-Site scripting can be categorized in several ways, But the big three ways in which the XSS can be executed are.

  • Stored XSS
  • Reflected XSS
  • DOM-Based XSS

we are going to cover these three types in this article.

Stored XSS

So, let’s talk about stored xss first

Stored XSS is persistent in nature. It means if the payload is inserted in the page, It will stay and execute permanently on the page. Stored XSS is the easiest to detect, and yet they are more dangerous.

STORED CROSS SITE SCRIPTING
from OReilly’s web application security book

Stored XSS—malicious script uploaded by a user that is stored in a data‐
base and then later requested and viewed by other users, resulting in script execution on their machines

Reflected XSS

Reflected XSS are more difficult for new hacker to find and take advantage compare to stored xss.

It is also one of the most exploited web application vulnerabilities. The application takes one or more parameters as input, which is reflected back to the web page generated by the application.

Let’s see an example of reflected XSS on DVWA also known as damm vulnerable web application, where you can test almost all the basic vulnerabilities of the web application.

This is the main page of the reflected XSS testing on DVWA.

So to see reflected xss we have to reflect one or more parameter.

Fill the name field with your name and check the url. and insert a script in the url

like “<script>alert(“XSS”);</script>”

Now let’s execute it !

And this is how a reflected XSS looks like .

So, Now we know what is reflected XSS.

Basically, This is how reflected XSS works.

DOM-Based XSS

DOM-based XSS can be either stored or reflected but makes use of browser
DOM sinks and sources for execution. This XSS differs from others because it is executed with a user-supplied input from the DOM of the browser.

These type of XSS are much difficult to take advantage of.

Let’s see a practical DOM based XSS on DVWA.

This is the main page of the DOM XSS testing on DVWA.

Here, we have to select the language, Let’s go with English and analyse the URL.

The URL looks like this.

Now let’s try adding the same XSS script we have used in reflected in the end of the URL and see what happens.

We have added the script. Let’s try to run it and see what happens.

Here we go, We got the XSS popup. That means we have successfully executed the DOM-Based XSS.

Basically, In DOM-Based XSS The attacker can manipulate this data to include XSS content on the web page, for example, malicious JavaScript code.

Now we’ve seen all the major types of Cross-site scripting and how to do it.

How to prevent XSS?

  1. Filter Input on arrival
  2. Encode the data on the output.
  3. Use appropriate response header to prevent XSS.
  4. Always Sanitize the users’ input.

So, These are some ways to prevent cross site scripting.

Share the Post...
WhatsApp

About Cybervie

Cybervie provides best cyber security training program in hyderabad, India.This cyber security course enables you to detect vulnerablities of a system, wardoff attacks and manage emergency situations. Taking a proactive approach to security that can help organisations to protect their data, Cybervie has designed its training module based on the cyber security industry requirements with three levels of training in both offensive and defensive manner, and use real time scenarios which can help our students to understand the market up-to its standard certification which is an add on advantage for our students to stand out of competition in an cyber security interview.

More Info – Click Here

Recent Posts

Follow Us on Youtube

CSEP : Certified Security Engineer Professional

Certified Security Engineer Professional (CSEP) certification is a comprehensive program designed for individuals aspiring to become cybersecurity engineers. It equips candidates with hands-on knowledge across various in-demand cybersecurity domains, ensuring they are well-prepared for current and future industry needs.

Organizations today seek candidates with a diverse set of skills beyond just one tool or area of expertise. The CSEP certification addresses this need by providing essential hands-on experience, making you proficient in multiple cybersecurity domains.

The program includes live classes featuring practical exercises, followed by a real-time project that offers valuable industrial knowledge.

Domains covered in the CSEP certification:

  • Cybersecurity Essentials
  • Penetration Testing
  • Application Security
  • Security Operations
  • AI in Cybersecurity
  • Multi-Cloud Security
  • Threat Intelligence

 

This certification is ideal for those looking to secure a role as a cybersecurity engineer and want to gain a competitive edge in the cybersecurity field.

For Further kindly feel free to fill out the profile form  for relevant information on our counselor will get in touch with you

Sign up for our Newsletter

Interested in Cyber Security Training Program 2024 – Click Here
Open chat
1
Hello 👋
How can we help you?