Once the session identifier is compromised, an attacker can assume the
victim's session and perform actions as the victim user. However, by using an XSS vulnerability
to load a JavaScript proxy instead, far more serious attacks can occur, including
the following:
• Viewing the sites displayed in the victim's browser
• Logging the victim's keystrokes in the browser
• Using the victim's browser as a Distributed Denial of Service (DDoS) zombie
• Stealing the contents of the user's clipboard
• Forcing the victim's browser to send arbitrary requests
For a variety of reasons, the XSS approach is vastly superior to stealing a victim's
session cookies. Many restrictions can be overcome through the use of an XSS proxy. For
example, the web site the victim is using may have additional security measures in place
beyond just the session cookie. One such security measure might be tying a victim's
session to one particular IP address. In this case, if an attacker compromises the session
cookie and tries to log in, he is prevented from doing so because he is not logging in from
the required IP address. Or perhaps the site requires additional authentication from the
user for certain actions in the form of a client certificate or additional password.
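From the defender's side, the IP-binding check described above looks like the following added example, which is not code from the book. The names SessionStore and authorize and the addresses are assumptions made for illustration. It shows that the check rejects a stolen cookie replayed from another address, but cannot tell a request the user intended from one that a script running in the user's browser issued, because both arrive with the same cookie from the same IP.

```python
import hmac
import secrets
from dataclasses import dataclass


@dataclass
class Session:
    user: str
    bound_ip: str


class SessionStore:
    """Hypothetical server-side store that ties each session to one client IP."""

    def __init__(self):
        self._sessions = {}

    def login(self, user, client_ip):
        # Issue an unguessable session identifier and remember the login IP.
        sid = secrets.token_urlsafe(32)
        self._sessions[sid] = Session(user, client_ip)
        return sid

    def authorize(self, sid, client_ip):
        """Return the user name only if the cookie is valid and comes from the bound IP."""
        sess = self._sessions.get(sid)
        if sess is None:
            return None
        if not hmac.compare_digest(sess.bound_ip, client_ip):
            return None  # cookie presented from a different address
        return sess.user


def demo():
    store = SessionStore()
    # Constructed sample addresses from the documentation ranges.
    victim_ip, other_ip = "198.51.100.7", "203.0.113.50"
    sid = store.login("alice", victim_ip)
    return {
        # Request the user made deliberately.
        "legitimate": store.authorize(sid, victim_ip),
        # Stolen cookie replayed from another machine: blocked by the binding.
        "replayed_cookie_other_ip": store.authorize(sid, other_ip),
        # Request issued by script inside the user's own browser: same cookie,
        # same source IP, so the server sees nothing to distinguish it.
        "request_issued_by_victim_browser": store.authorize(sid, victim_ip),
    }


if __name__ == "__main__":
    print(demo())
```

The practical consequence is that IP binding limits cookie replay only; the injection flaw itself has to be fixed, since every request made from inside the page passes this check.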