A Quick Look at Cross Site Scripting - Going deeper into JavaScript (
Page 3 of 6 )
Following the same concept above described, we might build a new URL for achieving more dangerous and annoying effects. It’s just a matter of including a little bit of JavaScript.
For instance:
http://www.yourdomain.com/welcomedir/welcomepage.php?
name=<script language=javascript>window.location=
”http://www.evilsite.com”;</script>
It’s getting more complex now. As we can appreciate, a JavaScript redirection will take place to “www.evilsite.com”, just by including the above URL in the browser location bar. At first glance, it’s not as bad as it seems. After all, we haven’t seen anything that could significantly harm our website. But, is it really true? Let’s present a new example, which might quickly change your mind.
We’ll demonstrate how easy is to manipulate URLs and inject JavaScript into them, for malicious purposes.
For example:
http://www.yourdomain.com/welcomedir/welcomepage.php?
name=<script language=javascript>setInterval
("window.open('http://www.yourdomain.com/','innerName')",100);
</script>
Now, let’s explain in detail what’s going on here. We have inserted JavaScript code to making a request for the http://www.yourdomain.com index page every 100 milliseconds. The setInterval() method is taking care of the task, but other JavaScript methods, such as setTimeout() with a recursive implementation would do the trick too. The code could either heavily overload the Web server where our site is located or generate a Denial of Service condition by denying access to other visitors requesting the same page (or other pages), and inflict noticeable damage to the server performance. On the other hand, it would be harmful to our website’s reputation, just because other users cannot get access to it. Not very good, huh?
Please note that a similar attack effect might be achieved by manipulating sockets with PHP or any other programming language, but that’s another huge subject, out of the scope of this article. Anyway, keeping your sharp eyes open to unusual levels of traffic is a must. So, don’t ever forget to take a look at your site’s logs files and use software for monitoring traffic and real time statistics.
Unfortunately, there are a huge number of ways to attack websites using Cross Site Scripting, embedding JavaScript code into the URL. From relatively innocent and harmless scripts, to risky and harmful code, we have to try to prevent or avoid them.
If this is not enough, we’ll see another common Cross Site Scripting technique: hiding JavaScript code within links.
| | Discuss A Quick Look at Cross Site Scripting | | | | | | | Woah, the possibilities of this have never crossed my mind. Great article! | | | | | | Um, how is this solution better than using such built-in PHP functions as... | | | | | |
I always use this:
<?php
/**
* Remove slashes, tags and ASCIIZ from GET,... | | | | | | You *never* *ever* do something like:
echo $_GET['variable'];
this does not... | | | | | | Hello,
I'm the author of the article.Cheers.
I totally agree that echoing GET... | | | | | | Hello,
Because I wrote the article, I must thank you for the comment. It's great... | | | | | | Hello again,
Also,it's worthy considering that JavaScript embbeded into links, is... | | | | | | I don't think this article creates a real scary threat, If you use javascript to... | | | | | | Hello,
Thank you for commenting on my article. With regard to your comment I must... | | | | | | the problem is you're not actually *validating* your input. You're just altering it... | | | | | | Thank you for your comments on this article. Well, you're correct when you say the... | | | | | | First it need to be noted that no php security scripting will replace a improperly... | | | | | | whichever admin reviewed the above scripts i submitted screwed them up.
there... | | | | | | here is the second one that requires CCISECURITY.PHP
<?php
#####
#
# ... | | | | | | here is the third one i mentioned .
it is a stand-alone secueirty class providing... | | | | | | Thank you for posting this extremely useful set of classes with reference to... | | | | | | As I posted before, I greatly appreciate the group of excellent classes you listed... | | | | | | >>> Post your comment now! | | | | | |
|
 |
