The goal of an XSS attack is to steal cookies or sensitive information such as the user name or password, so that the attacker can impersonate the client and inherit the trust the web site places in that user. With a legitimate session token, the attacker can use the member's or owner's privileges to reach the site's internal functions, for example impersonating the user to carry out a bank transfer. In one audit conducted for a large company, it was possible to collect users' credit card numbers and other private and confidential information by means of an XSS attack.
There are three types of cross-site scripting: reflected, stored, and Document Object Model (DOM) injection.
Reflected cross-site scripting is the easiest to carry out: the web application presents information supplied by the user directly back to the user, and the attacker takes advantage of this. User-entered data that is placed into the page sent to the client without inspection or sanitisation makes the site vulnerable to reflected XSS. An attacker who notices that a site has a reflected XSS vulnerability will try to distribute the URL carrying the attack script through e-mail or web advertising; once a victim clicks the URL, the malicious script is executed in the site's domain. The attacker can then use that script to do many things, such as stealing the user's cookies for the site.
Stored cross-site scripting works on the same principle as the reflected type but is more indirect: the attacker first stores the malicious data in the vulnerable site's files, database, or other back-end system. When users later browse the site, the site is likely to send the unfiltered malicious data to them, and in the user's browser the situation is then the same as in the reflected case. Stored XSS typically affects content management systems (CMS), blogs, and forums, where a large number of users can view items that other users (potential attackers) previously entered without any filtering; this is very dangerous.
Document Object Model (DOM)
Ways to prevent XSS
Server and Coding
Defending against cross-site scripting (XSS) should begin with the way data is retrieved and stored in the database: before data is stored, it must be filtered. In earlier versions of PHP the function mysql_real_escape_string was used to escape the data; newer versions of PHP recommend MySQLi or PDO_MySQL instead. Whenever data supplied by the user is saved, the programmer must apply strip_tags or htmlentities to remove or neutralise suspicious markup.
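The following PHP is an added example, not code from the essay: it shows the same user-supplied value rendered unsafely and safely, the strip_tags cleaning step the essay recommends, and storage through a MySQLi prepared statement in place of mysql_real_escape_string. The sample input, the comments table and the user id are constructed for the example; htmlspecialchars is used for output because it encodes exactly the characters that matter in HTML (htmlentities is a superset of it).

```php
<?php
declare(strict_types=1);

// Constructed sample input standing in for a raw $_GET['name'] value.
$name = "<script>alert('xss')</script>";

// Vulnerable: the raw value is written straight into the HTML, so the browser
// runs it as script in the site's origin (reflected XSS).
function greet_unsafe(string $name): string
{
    return "<p>Hello, " . $name . "</p>";
}

// Safe: every character with special meaning in HTML is encoded on output.
// ENT_QUOTES also encodes single quotes, so the value is safe inside attribute
// values delimited with either quote style; the charset must match the page's.
function greet_safe(string $name): string
{
    return "<p>Hello, " . htmlspecialchars($name, ENT_QUOTES | ENT_HTML5, 'UTF-8') . "</p>";
}

// strip_tags() removes markup before storage, as the essay suggests. It is not
// a substitute for output encoding (text such as "1 < 2" survives unencoded),
// so the stored value is still passed through greet_safe() when rendered.
function clean_for_storage(string $value): string
{
    return strip_tags(trim($value));
}

// Storing the value with MySQLi and a prepared statement: the user data is
// bound separately and never becomes part of the SQL text. The connection
// and the "comments" table are assumed for the example.
function store_comment(mysqli $db, int $userId, string $comment): bool
{
    $stmt = $db->prepare('INSERT INTO comments (user_id, body) VALUES (?, ?)');
    $stmt->bind_param('is', $userId, $comment);
    $ok = $stmt->execute();
    $stmt->close();
    return $ok;
}

// Runs without a database: compare the two renderings of the same input.
echo greet_unsafe($name), PHP_EOL;
echo greet_safe($name), PHP_EOL;
echo greet_safe(clean_for_storage($name)), PHP_EOL;
```

The two protections address different problems: the prepared statement keeps the value from altering the SQL, while the HTML encoding keeps it from altering the page. Filtering at storage time alone is not enough, because the same value may later be rendered in a context the filter did not anticipate, so encode at the point of output as well.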
Avoid accessing sites through unknown links
Users should be aware that security-sensitive pages such as bank account sites and credit card payment pages should be reached directly through the official web site, not by clicking links provided by random, unknown, or untrusted web sites. For example, do not trust a link to a banking site in an e-mail message, and do not follow a link from an auction web site when you need to reach the banking site to perform online banking or a transfer; and, as always, be cautious and vigilant when entering personal information.
The best protection is to disable scripting when it is not required; however, even this does not prevent the injection of malicious HTML. Internet Explorer provides a cross-site scripting (XSS) Filter that helps prevent one site from adding script to another. The XSS Filter monitors the browser's interaction with web sites, and when it identifies a potential attack it automatically blocks the script from running. When an attack occurs, the user sees a message bar informing them that the page has been modified, and should treat that web site with suspicion in order to protect their privacy and security. The user can disable the XSS Filter in the settings, but disabling it completely increases the risk of browsing the web.
SQL injection uses flaws in a site's or application's code to attack the data held in the back-end SQL database, which in turn gives the attacker access to the database. For example, an attacker can take advantage of loopholes in a site's code and use SQL injection to obtain all the data in the back-end database of a company's web site. Having obtained the database administrator's login name and password, the attacker is free to modify the contents of the database or even delete it. SQL injection can also be used to test the security of a web site or application.
The attack works by sending malicious database query syntax as input to the code written by the developers. That string is then passed on in various ways, for example to an MS SQL Server database, where the query command is parsed and executed. As long as the malicious characters or syntax comply with the rules of SQL query syntax, the application's compiler and runtime tools will not detect anything wrong; the database server directly executes the tampered query, which is a serious threat to the system and to the data stored in the database.
Ways to Prevent SQL Injection
Web programming aspects
Filter input that may contain hidden SQL commands such as INSERT, SELECT, UPDATE, etc. Validate the input from the user and, where nothing more is needed, limit the input to upper-case and lower-case letters and numbers. Replace or filter special characters in query parameters, for example the single quote, which can be handled with replace(xx, "'", "''"). When writing programs, the programmer should always check the program for vulnerabilities arising from unexpected input data.
Manage accounts, passwords and access control; remove extra tables that are publicly available (for example those left over from program development); unless it is necessary, give other users only normal user privileges, so that the complete database contents cannot be compromised; and finally remove unnecessary but powerful extended stored procedures such as xp_cmdshell, xp_regaddmultistring and xp_unpackcab.
Regularly patch operating system and web server vulnerabilities. Avoid leaking ASP, PHP and JSP program source code, which would let users browse it directly. Change the default web site virtual path; for example, on IIS systems do not use the default C:\Inetpub\wwwroot\ directory. Do not show error messages to the user: an attacker can work out the structure of the database from returned error messages, so the programmer should instead redirect erroneous input to an appropriate page.
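The following PHP is an added example, not code from the essay, covering the web programming measures above (whitelist validation, quote doubling, and a prepared statement) together with the rule about not exposing database errors to the user. The sample input, the users table with a password hash column, and the DSN are constructed for the example.

```php
<?php
declare(strict_types=1);

// Constructed sample input: a quote in the user name ends the string literal
// early, so concatenated SQL changes structure instead of treating it as data.
$user = "admin' -- ";
$pass = "anything";

// Vulnerable: the query is assembled by string concatenation.
function login_query_unsafe(string $user, string $pass): string
{
    return "SELECT id FROM users WHERE name = '" . $user . "' AND pwd = '" . $pass . "'";
}

// The essay's legacy mitigation: doubling single quotes keeps the value inside
// the literal. It only helps for quoted string parameters; a numeric parameter
// such as "WHERE id = " . $id has no quotes to double.
function quote_literal(string $value): string
{
    return "'" . str_replace("'", "''", $value) . "'";
}

// Whitelist validation: where only letters and digits are legitimate, reject
// anything else before it reaches the query at all.
function is_valid_username(string $user): bool
{
    return $user !== '' && strlen($user) <= 32 && ctype_alnum($user);
}

// Preferred: a PDO prepared statement. The SQL text is fixed and the value is
// bound separately, so no quoting rule has to be right. Passwords are assumed
// to be stored as password_hash() output in pwd_hash.
function login_safe(PDO $db, string $user, string $pass): ?int
{
    $stmt = $db->prepare('SELECT id, pwd_hash FROM users WHERE name = :name');
    $stmt->execute([':name' => $user]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    if ($row === false || !password_verify($pass, $row['pwd_hash'])) {
        return null;
    }
    return (int) $row['id'];
}

// Native prepares (not emulated) so the database driver binds the values;
// exceptions so failures cannot be silently ignored. DSN is a placeholder.
function connect(string $dsn, string $dbUser, string $dbPass): PDO
{
    return new PDO($dsn, $dbUser, $dbPass, [
        PDO::ATTR_EMULATE_PREPARES => false,
        PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
    ]);
}

// Database errors go to the server log; the user only ever sees a generic
// message, so error text cannot be used to map out the schema.
function handle_login(PDO $db, string $user, string $pass): string
{
    if (!is_valid_username($user)) {
        return 'Invalid login.';
    }
    try {
        $id = login_safe($db, $user, $pass);
    } catch (PDOException $e) {
        error_log('login query failed: ' . $e->getMessage());
        return 'Invalid login.';
    }
    return $id === null ? 'Invalid login.' : 'Welcome, user ' . $id;
}

// Runs without a database: compare the concatenated query, the quote-doubled
// query, and the whitelist verdict for the same input.
echo login_query_unsafe($user, $pass), PHP_EOL;
echo 'SELECT id FROM users WHERE name = ' . quote_literal($user)
    . ' AND pwd = ' . quote_literal($pass), PHP_EOL;
var_dump(is_valid_username($user));
```

The whitelist check rejects the sample input outright, and even where a value must be allowed through, the prepared statement means its quotes never reach the SQL parser as syntax. Quote doubling is shown only because the essay mentions it; it should be regarded as a fallback for legacy code rather than the primary defence.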