
Cross-Site Scripting

  • Cross-site scripting is without a doubt the worst-named web application vulnerability in the world. So many people have trouble understanding what XSS is just because of its awful name. One time, I was at a developer conference, and between sessions I struck up a conversation with a programmer. We started talking about web security in his application, and I asked him what he was doing about cross-site scripting. He answered, "Oh, we don't have to worry about that. We don't use cross-site scripting." I explained to him that XSS isn't something that you use; it's something that attackers use against you!
  • By the end of our talk, he was straightened out, but I can't help wondering how many more programmers like him are out there who are ignoring XSS because they think it's a feature that they're not using. If it had been up to me, I probably would have called it "JavaScript Injection," which I think is a much more accurate description of the problem.
  • As an additional side note: the reason that cross-site scripting is abbreviated as "XSS" and not "CSS" is that CSS was already widely used as the abbreviation of Cascading Style Sheets, and it would have been too confusing to use the same abbreviation for both.
 
Resource:
  • Web Application Security: Bryan Sullivan & Vincent Liu.
