Sunday, May 22, 2005

Cross-site scripting (XSS) Cheat Sheet


Picture credit: http://tuxick.net
Ha.ckers.org has a great compendium of cross-site scripting hacks. Whoever said the information security business was easy?

If you're unfamiliar with cross-site scripting, in a nutshell: it's a weakness or hole in a server application that allows an evil user to steal an innocent user's cookie. XSS can also be used for other nefarious purposes, but cookie theft is the predominant category of exploitation.

How can an evil-doer use someone else's cookie? It depends upon the server that issued the cookie. It might be possible to hijack an innocent user's shopping cart, complete with credit card info already stored on the server. The malicious user could add items to the cart and receive the purchased items, for instance.

If you've got a complex web application, protecting against all possible XSS hacks is no easy business. It's like trying to avoid moisture during monsoon season.

Want to check out a wide variety of XSS hacks? If you're a web developer, it will be a sobering experience.

XSS cheatsheet, Esp: for filter evasion
 
