SHREE LEARNING ACADEMY
Cross Site Scripting (XSS) Attacks
Cross-site scripting (XSS)
Cross-site scripting (XSS) is an attack in which an attacker injects malicious code into a web server, which then delivers that code along with its normal content to other visitors, compromising the security of the server. Attackers have developed many techniques for injecting harmful code into websites, including exploiting vulnerabilities in CGI scripts and web server software, SQL injection, frame exploitation, DNS redirection, cookie hijacking, and numerous other inventive attacks. A successful XSS attack can lead to consequences such as identity and credential theft, unauthorized data theft, financial loss, or even the installation of remote-control software on the devices of visiting clients.
Prevention of XSS
To safeguard a website against XSS attacks, the administrator should take several measures: keep the web server up to date with the latest patches, use a web application firewall, run a host-based intrusion detection system (HIDS), audit for suspicious activity, and, most crucially, implement server-side input validation that filters for malicious content, length, and metacharacters. To safeguard yourself against XSS attacks as a web user, keep your system up to date with the latest patches, use antivirus software, and avoid visiting non-mainstream websites. Some web browsers have add-ons, such as NoScript for Firefox and uBlock Origin for Chrome, that permit the execution of only the scripts you select.
Cross-site request forgery (XSRF)
Cross-site request forgery (XSRF) is a type of attack that shares some similarities with XSS, but with XSRF the focus is primarily on the web browser of the visiting user rather than the website they are accessing. XSRF's primary objective is to deceive the user or their web browser into performing actions that were not intended or authorized. Such actions could include logging out of an active session, uploading a site cookie, modifying account details, retrieving account information, making purchases, and more. One form of XSRF attack infects the victim's system with malware that remains inactive until the user visits a specific website. Once that website is accessed, the malware sends requests impersonating the user, deceiving the web server and allowing the attacker to perform malicious actions against the server and/or the client.
Zeus is an example of malware that employed XSRF: it remained hidden on the victim's computer until the user visited their online banking site. Once the malware confirmed the account balance and obtained the bank account number, it forwarded this information to the controlling attacker, who could then initiate an ACH money transfer to another bank. This is therefore an instance of malware that facilitates the direct theft of money from the victim's account.
Prevention of XSRF
To protect against XSRF attacks, website administrators can take preventive measures such as mandating confirmation or reauthentication whenever a connected client requests a sensitive or risky action. These measures could involve the user re-entering their password, receiving a code via text message or email that must be entered on the website, completing a phone call-based verification, or solving a CAPTCHA, a technique for distinguishing humans from software robots. Adding a randomly generated string, also known as a nonce, to every URL request and session creation is an additional protective measure. It also helps to verify the HTTP Referer header on the client's request to detect spoofing attempts. Users can adopt more secure practices such as running antimalware scanners and HIDS, activating a firewall, avoiding untrusted websites, logging off properly instead of just closing the browser or moving to another URL, regularly updating browsers, and clearing out temporary files and cached cookies. These practices can significantly enhance security.
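The nonce and Referer checks described above, as an added example that is not part of the original page: a per-session anti-forgery token is issued, bound to the session with an HMAC, and verified in constant time before a sensitive action runs, and the request's Origin (or, failing that, Referer) header must name the trusted host. The host name `bank.example`, the session IDs and the `authorize_transfer` function are constructed for this demonstration.

```python
import hashlib
import hmac
import secrets
from typing import Optional
from urllib.parse import urlsplit

# Hypothetical application host; a real deployment reads this from configuration.
TRUSTED_HOST = "bank.example"
# Per-process secret used to bind tokens to sessions (generated for this demo).
SERVER_SECRET = secrets.token_bytes(32)


def issue_csrf_token(session_id: str) -> str:
    """Create a token for this session: random nonce plus an HMAC tying it to the session."""
    nonce = secrets.token_hex(16)
    tag = hmac.new(SERVER_SECRET, f"{session_id}:{nonce}".encode(), hashlib.sha256).hexdigest()
    return f"{nonce}.{tag}"


def verify_csrf_token(session_id: str, token: Optional[str]) -> bool:
    """Constant-time check that the presented token was issued for this session."""
    if not token or "." not in token:
        return False
    nonce, _, tag = token.partition(".")
    expected = hmac.new(SERVER_SECRET, f"{session_id}:{nonce}".encode(), hashlib.sha256).hexdigest()
    return hmac.compare_digest(expected, tag)


def source_is_trusted(headers: dict) -> bool:
    """Check the Origin header, falling back to Referer, against the trusted host.
    A missing header is treated as untrusted for state-changing requests; the
    comparison is on the full host name, so 'bank.example.evil.test' does not pass."""
    source = headers.get("Origin") or headers.get("Referer")
    if not source:
        return False
    return urlsplit(source).hostname == TRUSTED_HOST


def authorize_transfer(session_id: str, headers: dict, form: dict) -> str:
    """Gate a sensitive action: both the source check and the token check must pass."""
    if not source_is_trusted(headers):
        return "rejected: untrusted origin"
    if not verify_csrf_token(session_id, form.get("csrf_token")):
        return "rejected: bad csrf token"
    return "ok"


if __name__ == "__main__":
    token = issue_csrf_token("sess-1")
    # Constructed requests: a legitimate one, a forged cross-origin one, and one with no token.
    print(authorize_transfer("sess-1", {"Origin": "https://bank.example"}, {"csrf_token": token}))
    print(authorize_transfer("sess-1", {"Origin": "https://evil.test"}, {"csrf_token": token}))
    print(authorize_transfer("sess-1", {"Referer": "https://bank.example/transfer"}, {}))
```

The token check, not the header check, is the primary defence: browsers may omit Referer (privacy settings, referrer policies), so the header check is best treated as an additional signal rather than the sole gate.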
Reflected cross-site scripting (XSS)
Reflected cross-site scripting (XSS) is a type of web vulnerability where an attacker injects malicious code into a website's response, which then gets executed in a victim's browser. The attack usually involves sending a specially crafted link to the victim, which contains the injected code as a parameter.
When the victim clicks on the link, the injected code is sent to the web server, which then includes it in the response sent back to the victim's browser. The browser then executes the code, which allows the attacker to steal sensitive information, such as login credentials, session tokens, and personal data.
Reflected XSS attacks are usually caused by a lack of input validation on the server-side. This means that the web application fails to properly filter or sanitize user-supplied input before using it to generate a response. As a result, an attacker can inject malicious code into the application's output, which gets executed by the victim's browser.
Prevention of reflected XSS
To prevent reflected XSS attacks, web developers should implement input validation and output encoding. Input validation involves checking user-supplied data to ensure that it meets certain criteria, such as length, format, and type. Output encoding involves converting any special characters in the output to their corresponding HTML entities, which prevents them from being interpreted as code by the browser.
In addition, web developers should also use Content Security Policy (CSP) to further protect their web applications from XSS attacks. CSP is a security standard that allows web developers to define a whitelist of trusted sources for their web content, such as scripts, stylesheets, and images. This prevents malicious code from being loaded from untrusted sources, even if it is injected into the web application.
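The server-side input validation called for under "Prevention of XSS", together with the output encoding and CSP header described in this section, as an added example that is not part of the original page. It places a reflected query parameter into an HTML response two ways: the vulnerable version echoes it unencoded, the hardened version validates it against an allow-list and HTML-entity-encodes it, and a CSP header restricts scripts to the site's own origin. The greeting page, the name allow-list and the `render_*` function names are constructed for this demonstration.

```python
import re
from html import escape

# Constructed allow-list for a "display name" parameter: letters, digits, space and a
# few punctuation marks, 2 to 32 characters. Real applications tune this per field.
NAME_RE = re.compile(r"[A-Za-z0-9 .'&-]{2,32}")

# Constructed policy: only same-origin scripts may run, plugins are disabled, and the
# document base URL cannot be redirected. Tighten or loosen per application.
CSP_HEADER = "default-src 'self'; script-src 'self'; object-src 'none'; base-uri 'self'"


def validate_name(value) -> bool:
    """Input validation: type, length and format are checked before the value is used."""
    return isinstance(value, str) and NAME_RE.fullmatch(value) is not None


def encode_for_html(value: str) -> str:
    """Output encoding for an HTML body or attribute context: & < > " ' become entities,
    so the browser renders the value as text rather than interpreting it as markup."""
    return escape(value, quote=True)


def render_vulnerable(name: str) -> str:
    """Reflected-XSS defect: the parameter is copied straight into the response."""
    return f"<p>Hello, {name}!</p>"


def render_hardened(name: str) -> str:
    """Validate first, then encode; either layer alone would stop this payload."""
    if not validate_name(name):
        raise ValueError("name rejected by input validation")
    return f"<p>Hello, {encode_for_html(name)}!</p>"


def response_headers() -> dict:
    """Headers to send with the HTML response; CSP limits what injected markup could do."""
    return {
        "Content-Type": "text/html; charset=utf-8",
        "Content-Security-Policy": CSP_HEADER,
    }


if __name__ == "__main__":
    # Constructed inputs: a benign name containing a quote, and a classic probe string.
    for candidate in ("O'Brien", "<script>alert(1)</script>"):
        print("vulnerable:", render_vulnerable(candidate))
        try:
            print("hardened:  ", render_hardened(candidate))
        except ValueError as err:
            print("hardened:  ", err)
        print("encoded:   ", encode_for_html(candidate))
    print(response_headers())
```

HTML-entity encoding is the right encoder only for HTML body and attribute contexts; a value placed inside a script block, a URL, or a CSS string needs the encoder for that context, which is why validation and CSP are kept as independent layers rather than relying on one encoder everywhere.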