XSS Attack Technique used by attackers

October 28th, 2007   •   4 Comments   

XSS attacks can be performed in two different ways: non-persistent and persistent. Non-persistent attacks require a user to visit a specially crafted link laced with malicious code. Upon visiting the link, the code embedded in the URL is echoed and executed within the user’s web browser. Persistent attacks occur when the malicious code is submitted to a web site where it’s stored for a period of time. An attacker’s favorite targets often include message board posts, web mail messages, and web chat software. The unsuspecting user is not required to click on any link, only to view the web page containing the code.
Here’s how.

Persistent Attack

Most web sites host bulletin boards where registered users may post messages. A registered user is commonly tracked using a session ID cookie that authorizes them to post. If an attacker were to post a message containing specially crafted JavaScript, a user reading this message could have their cookies and their account compromised.
Cookie Stealing Code Snippet:

Non-Persistent Attack

Most web portals offer a personalized view of a web site and greet a logged-in user with “Welcome, ”. Sometimes the data referencing a logged-in user is stored within the query string of a URL and echoed to the screen.
Portal URL example:

In the example above we see that the username “Joe” is stored in the URL. The resulting web page displays a “Welcome, Joe” message. If an attacker were to modify the username field in the URL, inserting cookie-stealing JavaScript, it would be possible to gain control of the user’s account.

A large percentage of people will be suspicious if they see JavaScript embedded in a URL, so most of the time an attacker will URL-encode the malicious payload, similar to the example below.
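The greeting echo and the URL-encoded link described above, seen from the defender's side in an added example (not code from the original post): the same decoded `username` value is rendered without and with HTML output encoding. The host, path and function names are assumptions, and the sample URLs are constructed with a harmless marker script.

```javascript
// Added example. Host, path and function names are hypothetical;
// the URLs below are constructed samples, not taken from the post.

// Encode the five characters that can change HTML structure.
function escapeHtml(value) {
  const map = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };
  return String(value).replace(/[&<>"']/g, (ch) => map[ch]);
}

// Read the username from the query string. URLSearchParams percent-decodes
// the value, as a server framework does before the application sees it,
// so URL encoding in the link hides nothing from the renderer.
function usernameFrom(url) {
  return new URL(url).searchParams.get("username") ?? "";
}

// Vulnerable: the decoded value is concatenated straight into markup.
function renderWelcomeVulnerable(url) {
  return "<p>Welcome, " + usernameFrom(url) + "</p>";
}

// Hardened: the decoded value is output-encoded for the HTML context.
function renderWelcomeSafe(url) {
  return "<p>Welcome, " + escapeHtml(usernameFrom(url)) + "</p>";
}

// Constructed inputs: a normal link, a URL-encoded link carrying markup,
// and a double-encoded variant that decodes only once.
const benignUrl = "http://portal.example/index.php?username=Joe";
const encodedUrl =
  "http://portal.example/index.php?username=%3Cscript%3Ealert(1)%3C%2Fscript%3E";
const doubleEncodedUrl =
  "http://portal.example/index.php?username=%253Cscript%253E";

for (const url of [benignUrl, encodedUrl, doubleEncodedUrl]) {
  console.log("decoded   :", usernameFrom(url));
  console.log("vulnerable:", renderWelcomeVulnerable(url));
  console.log("hardened  :", renderWelcomeSafe(url));
}
```

The hardened output displays the submitted text literally instead of letting the browser parse it as a script element. `escapeHtml` covers element content and quoted attributes only; values placed inside script blocks or URLs need encoding for those contexts.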

URL Encoded example of Cookie Stealing URL:

Decoded example of Cookie Stealing URL:


4 Responses

  1. DrearDiak says:

    I am frequently looking for recent blogposts in the world wide web about this matter. Thx!

  2. This is such a great resource that you are providing and you give it away for free. I enjoy seeing websites that understand the value of providing a prime resource for free. I truly loved reading your post. Thanks!

  3. Invest says:

    Great stuff, was a helpful info – thx!

  4. casino bonus says:

    A friend recommended that I take a look at your site. I’m happy that I’m here.
