XSS - Cross Site Scripting
origin url: https://www.synopsys.com/glossary/what-is-csrf.html#:~:text=Definition,has in an authenticated user.
Definition
Cross site scripting (XSS) is an attack in which an attacker injects malicious executable scripts into the code of a trusted application or website. Attackers often initiate an XSS attack by sending a malicious link to a user and enticing the user to click it. If the app or website lacks proper data sanitization, the malicious link executes the attacker’s chosen code on the user’s system. As a result, the attacker can steal the user’s active session cookie.
How does cross site scripting work?
Here’s an example:
While the payload is usually JavaScript, XSS can take place using any client-side language.
To carry out a cross site scripting attack, an attacker injects a malicious script into user-provided input. Attackers can also carry out an attack by modifying a request. If the web app is vulnerable to XSS attacks, the user-supplied input executes as code. For example, in the request below, the script displays a message box with the text “xss.”
http://www.site.com/page.php?var=
There are many ways to trigger an XSS attack. For example, the execution could be triggered automatically when the page loads or when a user hovers over specific elements of the page (e.g., hyperlinks).
Potential consequences of cross site scripting attacks include these:
- Capturing the keystrokes of a user.
- Redirecting a user to a malicious website.
- Running web browser-based exploits (e.g., crashing the browser).
- Obtaining the cookie information of a user who is logged into a website (thus compromising the victim’s account).
In some cases, the XSS attack leads to a complete compromise of the victim’s account. Attackers can trick users into entering credentials on a fake form, which provides all the information to the attacker.
What are the different cross site scripting approaches?
Stored XSS. Takes place when the malicious payload is stored in a database. It renders to other users when data is requested—if there is no output encoding or sanitization.
Reflected XSS. Occurs when a web application sends attacker-provided strings to a victim’s browser so that the browser executes part of the string as code. The payload echoes back in response since it doesn’t have any server-side output encoding.
DOM-based XSS. Takes place when an attacker injects a script into a response. The attacker can read and manipulate the document object model (DOM) data to craft a malicious URL. The attacker uses this URL to trick a user into clicking it. If the user clicks the link, the attacker can steal the user’s active session information, keystrokes, and so on. Unlike stored XSS and reflected XSS, the entire DOM-based XSS attack happens on the client browser (i.e., nothing goes back to the server).
How can you avoid XSS vulnerabilities?
It’s important to implement security measures early in the application’s development life cycle. For example, carry out software design phase security activities such as architecture risk analysis and threat modeling. It is equally important to conduct security testing once application development is complete.
Strategies to prevent XSS attacks include these:
- Never trust user input.
- Implement output encoding.
- Perform user input validation.
- Follow the defense in depth principle.
- Ensure that web application development aligns with OWASP’s XSS Prevention Cheat Sheet.
- After remediation, perform penetration testing to confirm it was successful.
Protect your organization by following secure development guidelines—building security in at all phases of the application’s development. Output encoding is also key to preventing XSS vulnerabilities. Make use of output encoding libraries that are relevant to the programming languages and frameworks your organization uses. Also, ensure your developers stay up-to-date with XSS prevention best practices.
XSS - Cross Site Scripting的更多相关文章
- XSS (Cross Site Scripting) Prevention Cheat Sheet(XSS防护检查单)
本文是 XSS防御检查单的翻译版本 https://www.owasp.org/index.php/XSS_%28Cross_Site_Scripting%29_Prevention_Cheat_Sh ...
- Web安全之XSS(Cross Site Scripting)深入理解
XSS的含义 XSS(Cross Site Scripting)即跨站脚本.跨站的主要内容是在脚本上. 跨站脚本 跨站脚本的跨,体现了浏览器的特性,可以跨域.所以也就给远程代码或者第三方域上的代码提供 ...
- WebGoat学习——跨站脚本攻击(Cross‐Site Scripting (XSS))
跨站脚本攻击(Cross‐Site Scripting (XSS)) XSS(Cross Site Script)跨站脚本攻击.是指攻击者向被攻击Web 页面里插入恶意html代码,当用户浏览该页之时 ...
- 跨站脚本攻击(Cross‐Site Scripting (XSS))
跨站脚本攻击(Cross‐Site Scripting (XSS)) 跨站脚本攻击(Cross‐Site Scripting (XSS)) XSS(Cross Site Script)跨站脚本攻击.是 ...
- XSS 跨站脚本攻击(Cross Site Scripting)
xss表示Cross Site Scripting(跨站脚本攻击),它与SQL注入攻击类似,SQL注入攻击中以SQL语句作为用户输入,从而达到查询/修改/删除数据的目的,而在xss攻击中,通过插入恶意 ...
- Healwire Online Pharmacy 3.0 Cross Site Request Forgery / Cross Site Scripting
Healwire Online Pharmacy version 3.0 suffers from cross site request forgery and cross site scriptin ...
- 跨站脚本攻击XXS(Cross Site Scripting)修复方案
今天突然发现,网站被主页莫名奇妙的出现了陌生的广告. 通过排查发现是跨站脚本攻击XXS(Cross Site Scripting).以下为解决方案. 漏洞类型: Cross Site Scriptin ...
- DVWA 黑客攻防演练(十)反射型 XSS 攻击 Reflected Cross Site Scripting
XSS (Cross-site scripting) 攻击,为和 CSS 有所区分,所以叫 XSS.又是一种防不胜防的攻击,应该算是一种 "HTML注入攻击",原本开发者想的是显示 ...
- DVWA 黑客攻防演练(十二) DOM型 XSS 攻击 DOM Based Cross Site Scripting
反射型攻击那篇提及到,如何是"数据是否保存在服务器端"来区分,DOM 型 XSS 攻击应该算是 反射型XSS 攻击. DOM 型攻击的特殊之处在于它是利用 JS 的 documen ...
- DVWA 黑客攻防演练(十一) 存储型 XSS 攻击 Stored Cross Site Scripting
上一篇文章会介绍了反射型 XSS 攻击.本文主要是通过 dvwa 介绍存储型 XSS 攻击.存储型 XSS 攻击影响范围极大.比如是微博.贴吧之类的,若有注入漏洞,再假如攻击者能用上一篇文章类似的代码 ...
随机推荐
- string str = string.Empty也会出错?
如题 为什么会出现这种情况?大佬解释一下.
- Net Core 网关 Ocelot 简单案例
1.什么是Ocelot Ocelot是一个用.NET Core实现并且开源的API网关,它功能强大,包括了:路由.请求聚合.服务发现.认证.鉴权.限流熔断.并内置了负载均衡器与Service Fabr ...
- IIS 负载均衡(ARR)
Application Request Route:应用程序请求路由 1.下载安装web平台安装程序 微软官网搜索 "web平台安装程序" 只能找到 "web平台安装程序 ...
- [转载]python跨文件使用全局变量的实现
python跨文件使用全局变量的实现 更新时间:2022-10-25 14:46:38发布时间:602天前 朗读 Python 定义了全局变量的特性,使用global 关键字修饰 1 global k ...
- JavaScrip 学习笔记
<script> $().ready(function () { // 在键盘按下并释放及提交后验证提交表单 $("#form1").validate({ errorE ...
- fabric学习笔记8
fabric学习笔记8 20201303张奕博 2023.1.19 具体结构: Wallet中的X.509数字证书将组织和持有者联系起来,使得持有者能够有权限连接到网络,不同的持有者身份拥有不同的权限 ...
- Mysql数据库基础第五章:(二)视图
Mysql数据库基础系列 软件下载地址 提取码:7v7u 数据下载地址 提取码:e6p9 mysql数据库基础第一章:(一)数据库基本概念 mysql数据库基础第一章:(二)mysql环境搭建 mys ...
- java--BigDecimal 类型介绍
BigDecimal.add(); //加法 BigDecimal.subtract(); //减法 BigDecimal.multiply(); //乘法 BigDecimal.divi ...
- 用例需注意的点-UI自动化
记几条--用例注意事项:用例从功能里面转化而来,并且不能脱离业务(针对某一个页面功能\某一个流程业务,写一条用例:即将界面操作间接转化为代码去操作!)1用例要尽量独立,相互不影响!(单独一条都可运行) ...
- Homebrew macOS飞速安装教程
快速安装 打开终端 /bin/bash -c "$(curl -fsSL https://cdn.jsdelivr.net/gh/ineo6/homebrew-install/insta ...