XSS: Difference between revisions

From charlesreid1

No edit summary
No edit summary
Line 13: Line 13:
* DOM-based XSS - the script is injected client-side rather than server-side
* DOM-based XSS - the script is injected client-side rather than server-side


=Notes=


==Basic Reflected XSS Attack==


An example of a reflected XSS attack would be a page that accepts input from a URL parameter, and dynamically inserts it in the page without any additional processing.


=Notes=
An example might be a "message" parameter in a URL that is used to display a greeting on a page.
 
<pre>
https://insecure-website.com/status?message=All+is+well.
</pre>
 
This could be attacked like so:
 
<pre>
https://insecure-website.com/status?message=<script>/*+Bad+stuff+here...+*/</script>
</pre>

Revision as of 20:30, 13 April 2022

Overview

Cheat Sheet

https://portswigger.net/web-security/cross-site-scripting/cheat-sheet

Types of Cross Site Scripting

There are three main types of XSS attacks. These are:

  • Reflected XSS - the script comes from the current HTTP request
  • Stored XSS - the script comes from the website's database
  • DOM-based XSS - the script is injected client-side rather than server-side

Notes

Basic Reflected XSS Attack

An example of a reflected XSS attack would be a page that accepts input from a URL parameter, and dynamically inserts it in the page without any additional processing.

An example might be a "message" parameter in a URL that is used to display a greeting on a page. 

https://insecure-website.com/status?message=All+is+well.

This could be attacked like so: 

https://insecure-website.com/status?message=<script>/*+Bad+stuff+here...+*/</script>
Retrieved from "https://charlesreid1.com/w/index.php?title=XSS&oldid=29478"