If an attacker can place script anywhere in a
vulnerable web application, the browser believes that the script came from the vulnerable
web application rather than the attacker. Thus, the script will run in the domain of the
vulnerable web application and will be able to do the following:
• Have access to read cookies used in that vulnerable web application
• Be able to see the content of pages served by the vulnerable web application
and even send them to the attacker
• Change the way the vulnerable web application looks
• Make calls back to the server that hosts the vulnerable web application
Three steps are used for cross-site scripting:
1. HTML Injection. We provide possible ways to inject script into web applications.
All the HTML injection examples discussed will simply inject a JavaScript
pop-up alert box: alert(1).
2. Doing something evil. If alert boxes are not scary enough, we discuss more
malicious things an attacker can do if a victim clicks a link with HTML injection.
3. Luring the victim. We discuss how to coerce victims to execute the malicious
JavaScript.
Step 1: HTML Injection
There are many, many possible ways to inject HTML and, more importantly, scripts into
web applications.
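What injection does to the page the server sends, and the output encoding that prevents it, shown as an added example that is not from the original text. The function names, the sid cookie name and the sample input are constructed for illustration; the sample reuses the alert(1) script described above.

```javascript
// Added illustration: all names and the sample input below are constructed.
const ENTITIES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#x27;' };

// Encode the characters that carry meaning in HTML text and in quoted
// attribute values, so user input can only ever be displayed as text.
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => ENTITIES[ch]);
}

// Vulnerable: the request parameter is copied into the page verbatim, so any
// markup in it becomes part of the application's own document and origin.
function renderUnsafe(name) {
  return `<p>Hello, ${name}</p>`;
}

// Hardened: the parameter is encoded for the HTML context it lands in.
function renderSafe(name) {
  return `<p>Hello, ${escapeHtml(name)}</p>`;
}

// Rough view of which element start tags an HTML parser would see.
function startTags(html) {
  return [...html.matchAll(/<([a-zA-Z][\w-]*)/g)].map((m) => m[1].toLowerCase());
}

// Set-Cookie value that keeps the session identifier out of document.cookie.
// HttpOnly only addresses cookie reading; script running in the page can still
// read content and call the server, so encoding remains the primary fix.
function sessionCookie(id) {
  return `sid=${encodeURIComponent(id)}; Path=/; HttpOnly; Secure; SameSite=Lax`;
}

const SAMPLE = '<script>alert(1)</script>'; // constructed test input

console.log(renderUnsafe(SAMPLE), startTags(renderUnsafe(SAMPLE)));
console.log(renderSafe(SAMPLE), startTags(renderSafe(SAMPLE)));
console.log(sessionCookie('abc 123'));
```

In the unencoded page the parser sees a script element that the application never wrote; in the encoded page the same input is plain text inside the paragraph.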