Welcome to Scribd. Sign in or start your free trial to enjoy unlimited e-books, audiobooks & documents.Find out more
Standard view
Full view
of .
Look up keyword
Like this
0 of .
Results for:
No results containing your search query
P. 1
Xss Anatomy

Xss Anatomy

Ratings: (0)|Views: 56|Likes:
Published by jasonddennis

More info:

Published by: jasonddennis on Aug 07, 2009
Copyright:Attribution Non-commercial


Read on Scribd mobile: iPhone, iPad and Android.
download as PDF, TXT or read online from Scribd
See more
See less





The Anatomy of Cross Site Scripting
Anatomy, Discovery, Attack, Exploitation 
by Gavin Zuchlinski (gav@libox.net)http://libox.net/ November 5, 2003
Cross site scripting (XSS) flaws are a relatively common issue in webapplication security, but they are still extremely lethal. They areunique in that, rather than attacking a server directly, they use avulnerable server as a vector to attack a client. This can lead toextreme difficulty in tracing attackers, especially when requests arenot fully logged (such as POST requests). Many documents discuss theactual insertion of HTML into a vulnerable script, but stop short ofexplaining the full ramifications of what can be done with a successfulXSS attack. While this is adequate for prevention, the exact impact ofcross site scripting attacks has not been fully appreciated. This paperwill explore those possibilities.
Anatomy of a Cross Site Scripting Attack
A cross site scripting attack is typically done with a specially craftedURI that an attacker provides to their victim. The XSS attack could beconsidered analogous to a buffer overflow, where the injected script issimilar to overwriting an EIP. In both techniques, there are two optionsonce a successful attack has occurred: insert funny data or jump toanother location. Insertion of funny data during a buffer overflowtypically results in a denial of service attack. In the case of a XSSattack, it allows the attacker to display arbitrary information, andsuppress the display of the original webpage. When jumping toanother location during a buffer overflow attack, the new location isanother location in memory where shellcode or other important dataresides – allowing the attacker to take control of the flow of theprogram. Within the XSS context, the attacker instead jumps thevictim to another location on the Internet (typically under theattacker’s control), hijacking the victim’s web browsing session.

You're Reading a Free Preview

/*********** DO NOT ALTER ANYTHING BELOW THIS LINE ! ************/ var s_code=s.t();if(s_code)document.write(s_code)//-->