XSS (Cross-Site Scripting)

XSS (Cross-Site Scripting) attacks fall into three categories, distinguished by where the injected script comes from and whether the server ever sees it:

  • DOM XSS
  • Persistent XSS
  • Reflected XSS

DOM XSS

In a Document Object Model-based XSS attack the payload never has to go through the server: client-side JavaScript reads attacker-controlled data from a source such as location.hash, document.URL or document.referrer and writes it into a dangerous sink such as innerHTML, document.write() or eval(). The injected HTML typically carries a <script></script> tag, an <iframe></iframe>, or an element with an event-handler attribute (for example <img src=x onerror=...>), which the browser then executes as JavaScript.

Take a simple web application that reads a value from the URL fragment and writes it into the page:


If the developer did not validate or encode the user's input before it reaches the sink, we can easily execute arbitrary JavaScript:


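As an added example (this is not code from the original page), here is a DOM-based XSS in a hypothetical greeting widget that takes the visitor's name from location.hash and writes it into innerHTML, beside the same widget with the value HTML-encoded before it reaches the sink. The fragment after # is never sent to the server, so a server-side filter cannot see it; only the client-side code can defend. The page name, the function names and the payload are assumptions for illustration.

```javascript
// Added example, not from the original page: DOM-based XSS.
// Source: location.hash (the attacker controls it through the link the victim opens).
// Sink:   element.innerHTML. Names, page and payload are illustrative assumptions.

// Constructed attacker link fragment, e.g. http://example.test/greet.html#<payload>
const PAYLOAD_HASH = '#' + encodeURIComponent('<img src=x onerror="alert(document.cookie)">');

// Pull the "name" out of the URL fragment: '#Alice' -> 'Alice'.
function nameFromHash(hash) {
  return hash.startsWith('#') ? decodeURIComponent(hash.slice(1)) : '';
}

// Minimal HTML encoder for inserting untrusted text into element content.
function escapeHtml(s) {
  return String(s).replace(/[&<>"']/g, c =>
    ({ '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' }[c]));
}

// Vulnerable: the decoded fragment is concatenated into markup, so when the result is
// assigned to innerHTML the browser parses the attacker's <img> and runs its onerror.
function greetingMarkupVulnerable(hash) {
  return '<h1>Hello, ' + nameFromHash(hash) + '!</h1>';
}

// Hardened: the fragment is encoded first, so the browser renders it as literal text.
function greetingMarkupSafe(hash) {
  return '<h1>Hello, ' + escapeHtml(nameFromHash(hash)) + '!</h1>';
}

// Browser entry point. An even simpler fix is to avoid markup altogether:
//   h1.textContent = nameFromHash(location.hash)
// which never interprets the value as HTML.
function render(container, hash, hardened) {
  container.innerHTML = hardened ? greetingMarkupSafe(hash) : greetingMarkupVulnerable(hash);
}

if (typeof document !== 'undefined') {
  render(document.body, location.hash, true);
}
```

Open the page with the fragment from PAYLOAD_HASH appended and hardened set to false to see the alert fire; with hardened set to true the literal text of the tag is shown instead. The hash never appears in the server's access log, which is why DOM XSS is easy to miss during a server-side review.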
Persistent XSS

As the name indicates, persistent (stored) XSS occurs when the injected JavaScript is saved by the server and served to every visitor who later loads the page, so it runs in each visitor's browser. If the user's input is stored without validation or output encoding, the server keeps the payload in its database, for instance, and replays it on every request. Any stored input can carry the payload, not only form fields.

For instance, imagine a web server that stores the client IP address taken from the X-Forwarded-For HTTP header in its database and displays it on a web page. That header is set by the client, so an attacker can send a <script> payload in it; the payload is stored and then rendered for whoever views the page:

Reflected XSS

Many websites have a search feature; if its input is not validated or encoded before being echoed back into the results page, we can inject malicious JavaScript code.

Imagine a user who opens the attacker's URL, for example by clicking a link in an email (a phishing attack): the server reflects the payload into its response and the code runs in the user's browser.

http://localhost:8080/books.php?id=<script>alert('xss')</script>
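The following added example (not code from the original page) covers both server-side cases above in one small Node.js request handler: the persistent case stores the X-Forwarded-For header and lists it on a visitors page, and the reflected case echoes the id query parameter the way the books page does. The same handler is shown raw and with output encoding turned on. The routes (/log, /visitors, /books instead of books.php), the in-memory array standing in for the database and the payloads are assumptions for illustration.

```javascript
// Added example, not from the original page: persistent and reflected XSS on the server.
// Routes, the in-memory "database" and the payloads are illustrative assumptions.

const visitorLog = []; // stands in for the database table that holds visitor IPs

// Minimal HTML encoder for untrusted text placed inside element content.
function escapeHtml(s) {
  return String(s).replace(/[&<>"']/g, c =>
    ({ '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' }[c]));
}

// Build a response for one request. `encode` selects the hardened behaviour.
function handle(method, url, headers, encode) {
  const u = new URL(url, 'http://localhost:8080');
  const out = encode ? escapeHtml : s => String(s);

  if (u.pathname === '/log' && method === 'POST') {
    // Persistent XSS: X-Forwarded-For is attacker-controlled (any client can send it),
    // yet it is stored as if it were a trustworthy IP address.
    const xff = headers['x-forwarded-for'] || '';
    visitorLog.push(xff.split(',')[0].trim());
    return { status: 204, body: '' };
  }
  if (u.pathname === '/visitors') {
    // Every later visitor, admins included, receives the stored payload in their page.
    const rows = visitorLog.map(ip => '<li>' + out(ip) + '</li>').join('');
    return { status: 200, body: '<ul>' + rows + '</ul>' };
  }
  if (u.pathname === '/books') {
    // Reflected XSS: the id parameter comes straight from the URL of this request.
    const id = u.searchParams.get('id') || '';
    return { status: 200, body: '<p>No book with id ' + out(id) + '</p>' };
  }
  return { status: 404, body: 'not found' };
}

// Wire the handler to a real listener (call runServer(8080, true) to start it).
function runServer(port, encode) {
  const http = require('http');
  return http.createServer((req, res) => {
    const r = handle(req.method, req.url, req.headers, encode);
    res.writeHead(r.status, { 'Content-Type': 'text/html; charset=utf-8' });
    res.end(r.body);
  }).listen(port);
}

// Constructed attacker input for the reflected and persistent cases.
const REFLECTED_URL = '/books?id=' + encodeURIComponent("<script>alert('xss')</script>");
const XFF_PAYLOAD = '<script>alert(document.cookie)</script>';
```

With encode set to false, one POST to /log carrying XFF_PAYLOAD is enough to compromise every later viewer of /visitors, and a GET for REFLECTED_URL hits only the user who opened that link. With encode set to true both payloads are rendered as text. Encoding for the HTML-element context, as here, is not enough when the value lands inside an attribute, a URL or a script block; each context needs its own encoder, and a Content-Security-Policy plus HttpOnly cookies limit what a payload can do if one slips through.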

Sources