2008년 02월 18일
XSS: types and uses
We all know that XSS is the most common exploit to be found in any website. However, different forms of XSS have
different uses, as i will cover in this article. This ranges from a simple Social Engineering opportunity to a full
defacement or possibly remote admin access. The following types of XSS are defined: Type 1 XSS, Type 2 XSS and Type 3
XSS. Their uses are the following:
Type 1 XSS, AKA local XSS:
This form of XSS is rarely mentioned, because it is very hard to pull off and requires knowledge of either browser
exploits or local OS html files. For the first scenario, the attacker could use their website to send malicious commands
to the local users vulnerable HTML files(look in /WINDOWS, there are HTML files there) that executes some command on the
users system.
The second form that this attack can take is using browser exploits. Using a browser exploit, the attacker can plant an
activeX script locally on the users system, which can run under local HTML priveleges(all javascripts are allowed
without confirmation) and install backdoors, worms, spambots etc.
Type 2 XSS AKA non-persistant XSS:
This is the type of XSS most commonly submitted to sites like XSSED.com. They do no harm to the site itself, and they
are created when javascript can be injected into a variable that is echoed back to the user in some way. Say when you
enter some text into a search bar and press submit, and the new page that is loaded has what you searched saved in the
search bar. you could escape the input tag using "> then inject script, e.g.
<script>alert("xssed")</script>. This is only useful in social engineering where you get a user,
or administrator, to visit the page with the same parameters you provided to create the xss, only this time with a
cookie stealer script on the page. This will execute for them, logging their cookies to a site you choose.
Type 3 XSS AKA persistant XSS:
This kind of XSS is what is mostly used against guestbooks, forums and other permanent user content pages. When this
type of XSS is used it stays on the page and can be used in many ways; stealing cookies, defacing a page, and
spreading(the new "XSS worm" phenomenon)
These types of XSS are completely different from each other, and all serve different purposes within hacking.
I hope you enjoyed this article :)
different uses, as i will cover in this article. This ranges from a simple Social Engineering opportunity to a full
defacement or possibly remote admin access. The following types of XSS are defined: Type 1 XSS, Type 2 XSS and Type 3
XSS. Their uses are the following:
Type 1 XSS, AKA local XSS:
This form of XSS is rarely mentioned, because it is very hard to pull off and requires knowledge of either browser
exploits or local OS html files. For the first scenario, the attacker could use their website to send malicious commands
to the local users vulnerable HTML files(look in /WINDOWS, there are HTML files there) that executes some command on the
users system.
The second form that this attack can take is using browser exploits. Using a browser exploit, the attacker can plant an
activeX script locally on the users system, which can run under local HTML priveleges(all javascripts are allowed
without confirmation) and install backdoors, worms, spambots etc.
Type 2 XSS AKA non-persistant XSS:
This is the type of XSS most commonly submitted to sites like XSSED.com. They do no harm to the site itself, and they
are created when javascript can be injected into a variable that is echoed back to the user in some way. Say when you
enter some text into a search bar and press submit, and the new page that is loaded has what you searched saved in the
search bar. you could escape the input tag using "> then inject script, e.g.
<script>alert("xssed")</script>. This is only useful in social engineering where you get a user,
or administrator, to visit the page with the same parameters you provided to create the xss, only this time with a
cookie stealer script on the page. This will execute for them, logging their cookies to a site you choose.
Type 3 XSS AKA persistant XSS:
This kind of XSS is what is mostly used against guestbooks, forums and other permanent user content pages. When this
type of XSS is used it stays on the page and can be used in many ways; stealing cookies, defacing a page, and
spreading(the new "XSS worm" phenomenon)
These types of XSS are completely different from each other, and all serve different purposes within hacking.
I hope you enjoyed this article :)
이 글과 관련있는 글을 자동검색한 결과입니다 [?]
- 10 Reasons websites get hacked. by r3dr0ot
- HTTP Protocol by r3dr0ot
- CSRF Basics by r3dr0ot
- Detection of SQL Injection and Cross-site Scripting Attacks part 1 by r3dr0ot
- Detection of SQL Injection and Cross-site Scripting Attacks part 2 by r3dr0ot
# by | 2008/02/18 20:10 | →XSS | 트랙백
☞ 내 이글루에 이 글과 관련된 글 쓰기 (트랙백 보내기) [도움말]