Anatomy of an XSS Attack
Page 1 of 1
Anatomy of an XSS Attack
Cross site scripting (XSS) flaws are a relatively common issue in web application security, but they are still extremely lethal. They are unique in that, rather than attacking a server directly, they use a vulnerable server as a vector to attack a client. This can lead to extreme difficulty in tracing attackers, especially when requests are not fully logged (such as POST requests). Many documents discuss the actual insertion of HTML into a vulnerable script, but stop short of explaining the full ramifications of what can be done with a successful XSS attack. While this is adequate for prevention, the exact impact of cross site scripting attacks has not been fully appreciated. This paper will explore those possibilities.
This is a unique effort written in the 1st person, as a cybercriminal, to exemplify the grave harm that can come to users and consumers when cross-site scripting (XSS) vulnerabilities are left unmitigated.
Download from holisticinfosec
This is a unique effort written in the 1st person, as a cybercriminal, to exemplify the grave harm that can come to users and consumers when cross-site scripting (XSS) vulnerabilities are left unmitigated.
Download from holisticinfosec
andry- Moderator
- Posts : 467
Join date : 2010-05-07
Similar topics
» PDF Attack
» Durzosploit XSS attack
» MD5-string attack on web applications
» Web application firewall bypass with a XSS attack
» Web Browsers: An Emerging Platform Under Attack
» Durzosploit XSS attack
» MD5-string attack on web applications
» Web application firewall bypass with a XSS attack
» Web Browsers: An Emerging Platform Under Attack
Page 1 of 1
Permissions in this forum:
You cannot reply to topics in this forum
|
|