Cross Site Scripting Tutorial [HACKERPOST NIGERIA] [PART 1]



 

Definition: Cross-site scripting, also known as "XSS", is a web application vulnerability that allows an attacker to inject and execute client-side scripts (i.e. JavaScript) in web pages viewed by other users.

The attacker does not directly target his victim. Instead, he exploits a vulnerability in a website that the victim visits, in order to get the website to deliver the malicious JavaScript for him. To the victim's browser, the malicious JavaScript appears to be a legitimate part of the website, and the website has thus acted as an unintentional accomplice to the attacker.

PREREQUISITE/REQUIREMENTS

  • Knowledge of HTML and JavaScript

  • Basic knowledge of HTTP client-server architecture

  • Basic knowledge of server-side programming (PHP, JSP, ASP)


 

TYPES OF XSS

  • Persistent XSS / Stored XSS

  • Non-Persistent XSS / Reflected XSS

  • DOM-Based XSS


 

  • Persistent XSS: a highly devastating variant of cross-site scripting. It occurs when data entered by the attacker is saved by the server and then permanently displayed on "normal" pages returned to other users in the course of regular browsing, without proper HTML escaping. Examples: comment box, private message box, broadcast message, news board.


 

  • Non-Persistent XSS: the most common type of cross-site scripting vulnerability. It occurs when data provided by a web client, most commonly in HTTP query parameters (e.g. an HTML form submission), is used immediately by server-side scripts to build and display a page of results for that user, without properly sanitizing the request. Example: search form.


 

  • DOM-Based XSS: a cross-site scripting vulnerability that appears in the DOM (Document Object Model) instead of in the HTML itself. In non-persistent and persistent cross-site scripting attacks you can see the payload in the response page, but in DOM-based cross-site scripting the HTML source code and the response are exactly the same as for a normal request, i.e. the payload cannot be found in the response. It can only be observed at runtime or by inspecting the DOM of the page.
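
The persistent and non-persistent cases above both come down to untrusted data reaching the page "without proper HTML escaping". The following is an added example, not part of the original tutorial, showing that rendering step in its vulnerable and hardened forms; the function names and sample comments are constructed for illustration.

```javascript
// Added illustration: names (escapeHtml, renderCommentUnsafe, renderCommentSafe)
// and the sample comments are constructed for this example.

// Characters that change meaning in HTML text or quoted attribute context.
const HTML_ESCAPES = {
  "&": "&amp;",
  "<": "&lt;",
  ">": "&gt;",
  '"': "&quot;",
  "'": "&#39;",
};

// Encode untrusted text so the browser displays it instead of parsing it.
function escapeHtml(untrusted) {
  return String(untrusted).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Vulnerable pattern: stored or reflected input is concatenated into markup.
function renderCommentUnsafe(author, body) {
  return `<div class="comment"><b>${author}</b>: ${body}</div>`;
}

// Hardened pattern: every untrusted value is escaped at output time.
function renderCommentSafe(author, body) {
  return `<div class="comment"><b>${escapeHtml(author)}</b>: ${escapeHtml(body)}</div>`;
}

// Constructed sample data, as it might come back from a comments table
// (persistent case) or from a query parameter (non-persistent case).
const sampleComments = [
  { author: "ada", body: "Nice post & thanks!" },
  { author: "mallory", body: "<script>alert(1)</script>" },
];

// True if the rendered HTML would contain a live <script> element.
function containsScriptTag(html) {
  return /<script\b/i.test(html);
}

for (const c of sampleComments) {
  const unsafe = renderCommentUnsafe(c.author, c.body);
  const safe = renderCommentSafe(c.author, c.body);
  console.log(c.author, "| unsafe has <script>:", containsScriptTag(unsafe),
    "| safe has <script>:", containsScriptTag(safe));
}
```

This encoding is correct for HTML text and quoted attribute values only; data placed inside a script block, a URL or a style needs the encoding for that context instead.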


 

In the next part of this tutorial, we will explain XSS attacks in depth and how to prevent them.

 
Tutorial Written And Published By Kayouday For Hackerpost Nigeria...
