Cross site scripting
abdul-hajee
Category
Technology
Transcript of Cross site scripting
![Page 1: Cross site scripting](https://reader036.fdocuments.in/reader036/viewer/2022062304/558e92981a28ab3b108b458d/html5/thumbnails/1.jpg)
XSS
Cross Site Scripting
![Page 2: Cross site scripting](https://reader036.fdocuments.in/reader036/viewer/2022062304/558e92981a28ab3b108b458d/html5/thumbnails/2.jpg)
Cross site scripting Vulnerabilities
Cross site request forgery Attacks
Web Application Security Issues
![Page 3: Cross site scripting](https://reader036.fdocuments.in/reader036/viewer/2022062304/558e92981a28ab3b108b458d/html5/thumbnails/3.jpg)
Cross site request forgery
![Page 4: Cross site scripting](https://reader036.fdocuments.in/reader036/viewer/2022062304/558e92981a28ab3b108b458d/html5/thumbnails/4.jpg)
Cross site scripting: outline
![Page 5: Cross site scripting](https://reader036.fdocuments.in/reader036/viewer/2022062304/558e92981a28ab3b108b458d/html5/thumbnails/5.jpg)
Client side scripting
![Page 6: Cross site scripting](https://reader036.fdocuments.in/reader036/viewer/2022062304/558e92981a28ab3b108b458d/html5/thumbnails/6.jpg)
Cross Site Scripting Vulnerabilities
![Page 7: Cross site scripting](https://reader036.fdocuments.in/reader036/viewer/2022062304/558e92981a28ab3b108b458d/html5/thumbnails/7.jpg)
XSS Concept
![Page 8: Cross site scripting](https://reader036.fdocuments.in/reader036/viewer/2022062304/558e92981a28ab3b108b458d/html5/thumbnails/8.jpg)
Attack Scenarios
![Page 9: Cross site scripting](https://reader036.fdocuments.in/reader036/viewer/2022062304/558e92981a28ab3b108b458d/html5/thumbnails/9.jpg)
XSS risks vs Attack scenarios
![Page 10: Cross site scripting](https://reader036.fdocuments.in/reader036/viewer/2022062304/558e92981a28ab3b108b458d/html5/thumbnails/10.jpg)
Attack Scenario 1
![Page 11: Cross site scripting](https://reader036.fdocuments.in/reader036/viewer/2022062304/558e92981a28ab3b108b458d/html5/thumbnails/11.jpg)
Stolen Account Credentials
![Page 12: Cross site scripting](https://reader036.fdocuments.in/reader036/viewer/2022062304/558e92981a28ab3b108b458d/html5/thumbnails/12.jpg)
Cookie mechanism and vulnerability
![Page 13: Cross site scripting](https://reader036.fdocuments.in/reader036/viewer/2022062304/558e92981a28ab3b108b458d/html5/thumbnails/13.jpg)
XSS point for cookies
![Page 14: Cross site scripting](https://reader036.fdocuments.in/reader036/viewer/2022062304/558e92981a28ab3b108b458d/html5/thumbnails/14.jpg)
Privacy Risks
![Page 15: Cross site scripting](https://reader036.fdocuments.in/reader036/viewer/2022062304/558e92981a28ab3b108b458d/html5/thumbnails/15.jpg)
Attack Scenario 2: Same Site Exploit
![Page 16: Cross site scripting](https://reader036.fdocuments.in/reader036/viewer/2022062304/558e92981a28ab3b108b458d/html5/thumbnails/16.jpg)
Misinformation modification and self Propagation
![Page 17: Cross site scripting](https://reader036.fdocuments.in/reader036/viewer/2022062304/558e92981a28ab3b108b458d/html5/thumbnails/17.jpg)
Same site Phishing
![Page 18: Cross site scripting](https://reader036.fdocuments.in/reader036/viewer/2022062304/558e92981a28ab3b108b458d/html5/thumbnails/18.jpg)
Attack Scenario 3: Browser Exploits
![Page 19: Cross site scripting](https://reader036.fdocuments.in/reader036/viewer/2022062304/558e92981a28ab3b108b458d/html5/thumbnails/19.jpg)
Browser Exploit: other page modification
![Page 20: Cross site scripting](https://reader036.fdocuments.in/reader036/viewer/2022062304/558e92981a28ab3b108b458d/html5/thumbnails/20.jpg)
Denial of Service
![Page 21: Cross site scripting](https://reader036.fdocuments.in/reader036/viewer/2022062304/558e92981a28ab3b108b458d/html5/thumbnails/21.jpg)
Browser exploit: silent install
![Page 22: Cross site scripting](https://reader036.fdocuments.in/reader036/viewer/2022062304/558e92981a28ab3b108b458d/html5/thumbnails/22.jpg)
Defeated Security Zones Model
![Page 23: Cross site scripting](https://reader036.fdocuments.in/reader036/viewer/2022062304/558e92981a28ab3b108b458d/html5/thumbnails/23.jpg)
Defeated accountability
![Page 24: Cross site scripting](https://reader036.fdocuments.in/reader036/viewer/2022062304/558e92981a28ab3b108b458d/html5/thumbnails/24.jpg)
History of malicious scripts
![Page 25: Cross site scripting](https://reader036.fdocuments.in/reader036/viewer/2022062304/558e92981a28ab3b108b458d/html5/thumbnails/25.jpg)
Other Malicious Scripts
![Page 26: Cross site scripting](https://reader036.fdocuments.in/reader036/viewer/2022062304/558e92981a28ab3b108b458d/html5/thumbnails/26.jpg)
VB Scripts that change registry keys
![Page 27: Cross site scripting](https://reader036.fdocuments.in/reader036/viewer/2022062304/558e92981a28ab3b108b458d/html5/thumbnails/27.jpg)
Myspace Worm
![Page 28: Cross site scripting](https://reader036.fdocuments.in/reader036/viewer/2022062304/558e92981a28ab3b108b458d/html5/thumbnails/28.jpg)
Types of XSS VULNERABILITIES
![Page 29: Cross site scripting](https://reader036.fdocuments.in/reader036/viewer/2022062304/558e92981a28ab3b108b458d/html5/thumbnails/29.jpg)
XSS Vulnerability: Reflection
![Page 30: Cross site scripting](https://reader036.fdocuments.in/reader036/viewer/2022062304/558e92981a28ab3b108b458d/html5/thumbnails/30.jpg)
Results
![Page 31: Cross site scripting](https://reader036.fdocuments.in/reader036/viewer/2022062304/558e92981a28ab3b108b458d/html5/thumbnails/31.jpg)
XSS Vulnerability: Stored
![Page 32: Cross site scripting](https://reader036.fdocuments.in/reader036/viewer/2022062304/558e92981a28ab3b108b458d/html5/thumbnails/32.jpg)
XSS vulnerability: Indirect
![Page 33: Cross site scripting](https://reader036.fdocuments.in/reader036/viewer/2022062304/558e92981a28ab3b108b458d/html5/thumbnails/33.jpg)
JavaScript injection methods
![Page 34: Cross site scripting](https://reader036.fdocuments.in/reader036/viewer/2022062304/558e92981a28ab3b108b458d/html5/thumbnails/34.jpg)
JavaScript URLs
![Page 35: Cross site scripting](https://reader036.fdocuments.in/reader036/viewer/2022062304/558e92981a28ab3b108b458d/html5/thumbnails/35.jpg)
Variation on indirect injection