Upload
abdul-hajee
View
172
Download
1
Embed Size (px)
DESCRIPTION
XSS is one type of vulnerability which is existing in most of the web application .Due to this vulnerabilityit may have chance to to deface website nad cookie steatling,session hijacking etc.
Citation preview
.
xss
Cross Site Scripting
Cross site scripting Vulnerabilities Cross site request forgery Attacks
Web Application Security Issues
Cross site request forgery
Cross site scripting :outline
Client line scripting
Cross Site Scripting Vulnerabilities
XSS Concept
Attack Scenarios
XSS risks vs Attack scenarios
Attack Scenario 1
Stolen Account Credentials
Cookie machanism and vulnerability
XSS point for cookies
Privacy Risks
Attack Scenario 2:Same Site Exploit
Misinformation modification and self Propagation
Same site Phishing
Attack Scenario 3:Brouser Exploits
Browser Exploit :other page modification
Denial of Service
Browser exploit: silent install
Defeated Security Zones Model
Defeated accountability
History of malicious scripts
Other Malicious Scripts
VB Scripts that change registry keys
Myspace Worm
Types of XSS VULNERABILITIES
XSS Vulnerality ;Reflection
Results
XSS Vulnerability :Stored
XSS vulnerability :Indirect
Java script injection methods
Java script URL`S
Variation on indirect injection