What are XSS vulnerabilities?
Cross-Site Scripting (XSS) vulnerabilities are security flaws that are widespread in web applications. Through them, one person (the attacker) injects malicious code, usually written in the scripting language JavaScript, which the browser executes when the page is loaded by a second person (the victim).
The attacker can inject the code in several ways, including: tricking the victim into clicking a link (reflected XSS), or waiting for the victim to browse a page on a site that contains a vulnerability of this type (stored XSS).
How are XSS vulnerabilities exploited by hackers?
By exploiting XSS holes, attackers can steal cookies and then use them to impersonate you in the vulnerable application.
Attackers can also redirect your browser to a booby-trapped page that contains malicious programs such as viruses.
They can also redirect your browser to a page that looks exactly like the application you are visiting (for example, a banking application) and steal your passwords.
These vulnerabilities are also exploited to bypass protections in the application or in the browser you use to browse the web.
These are just some of the attacks, not all of them. There is no specific limit to how XSS vulnerabilities can be exploited, as it depends on the attacker's imagination and skill in this field.
Can they hack your device and watch your camera? - Yes! Can they listen through the microphone? - Naturally!
To learn about other advanced attacks, visit the BeEF project page.
Who was hacked because of the XSS vulnerabilities?
In 2010, the well-known Apache Foundation, which develops the famous Apache web server, was fully compromised through a small XSS vulnerability in the Foundation's website.
A vulnerability of the same kind in the forum software of the famous Ubuntu distribution's site also led to the theft of more than 1.8 million email addresses and their passwords!
These attacks usually target the application's users and the networks they connect to. But when the targeted user has the application's administrator privileges, the result is catastrophic: the attacker gains access to the entire web server rather than just the application!
These vulnerabilities are found on several platforms, including Twitter, Facebook, Google and Yahoo, and are caught early through programs that encourage their discovery, called bug bounties, in which a financial reward is paid and the people who discovered the vulnerability are publicly credited.
This link lists several attacks that began with a simple XSS vulnerability in the software.
How do I protect myself from XSS vulnerabilities?
Make sure you are using the latest version of your web browser and that all related protection options, such as the XSS Filter, are enabled. If you are using a browser that does not support such an option (Firefox), it is recommended to use the NoScript extension, which works as an effective protection against XSS attacks.
Be very careful when clicking a link. Some links do not look dangerous at first, but they contain malicious code or exploit an XSS vulnerability.
Always sign out (Sign Out) when you finish working with a web application.
I am a programmer, how do I protect my program from XSS vulnerabilities?
XSS vulnerabilities are exploited when program input is not carefully checked.
For example, suppose the user types his or her name into the program and the program then displays the name without checking it. What happens when the name entered is written in HTML? The browser cannot tell the username apart from the rest of the page's code and treats it as code on the page just like the other lines, meaning that the commands entered by the user will be executed without any problem!
Check the program's inputs by cleaning them of any malicious code or code-injection attempt. If an input should contain only numbers, do not let other characters through. Use whitelists for this: inputs are compared against a list of allowed values only, and anything not on that list is rejected.
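The username case described above, as an added example that is not part of the original page: the unchecked rendering next to a hardened one that applies a white list and then HTML-encodes the value on output. The encoding step goes beyond what the page spells out, and all function names, the name policy and the sample inputs are assumptions made for illustration.

```javascript
// Added example. All names here (renderGreeting*, NAME_ALLOWLIST, ...) are hypothetical.

// Vulnerable: the name is pasted into the markup unchanged, so the browser
// cannot tell it apart from the page's own HTML.
function renderGreetingUnsafe(name) {
  return `<p>Welcome, ${name}!</p>`;
}

// White list for a display name (assumed policy): letters, digits, space,
// dot, apostrophe and hyphen, 1 to 40 characters. Everything else is rejected.
const NAME_ALLOWLIST = /^[\p{L}\p{N} .'-]{1,40}$/u;

function isValidName(name) {
  return typeof name === "string" && NAME_ALLOWLIST.test(name);
}

// Numeric field: digits only, as the text recommends.
function isValidAge(value) {
  return typeof value === "string" && /^[0-9]{1,3}$/.test(value);
}

// Output encoding: characters that are meaningful in HTML become entities,
// so even an allowed character such as ' is displayed as text.
const HTML_ENTITIES = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };

function escapeHtml(text) {
  return String(text).replace(/[&<>"']/g, (ch) => HTML_ENTITIES[ch]);
}

// Hardened: reject input that is not on the white list, then encode on output.
function renderGreetingSafe(name) {
  if (!isValidName(name)) {
    throw new RangeError("name rejected by white list");
  }
  return `<p>Welcome, ${escapeHtml(name)}!</p>`;
}

// Constructed sample inputs.
const SAMPLE_MARKUP_NAME = "<b onmouseover=alert(1)>Sam</b>";
const SAMPLE_PLAIN_NAME = "Ana O'Brien";
```

The white list already rejects the markup sample; the encoding is what keeps the apostrophe in the accepted name from being read as part of an attribute or script if the value is reused elsewhere in the page.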
Make sure the page declares the character encoding (Character Encoding) it requires. With the encoding declared correctly, the browser knows how the displayed characters are encoded. In other words, do not leave the choice to the browser, because in some cases browsers' encoding detection is exploited to attack XSS vulnerabilities or bypass the related protections.
Test your program and detect XSS vulnerabilities using specialized software such as the well-known OWASP project's tool OWASP ZAP (open source and free).
Always enable the HttpOnly option when you keep the program's login state in cookies. This tells the browser not to allow script code to read those cookies, which prevents them from being stolen or used to impersonate another user.
HTTP has a feature called Content Security Policy (CSP), which specifies the parts of the page in which the browser is allowed to execute script code. (It uses the whitelist method for that!)
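The three header-level measures above (declared character encoding, HttpOnly cookies, CSP) can be checked together on a response. The following is an added example, not code from the original page: the header names are standard HTTP, while the function names, finding texts and the two sample responses are constructed for illustration.

```javascript
// Added example; function and sample names are hypothetical.

// Split a CSP value into { directive: [sources...] }.
function parseCsp(value) {
  const directives = {};
  for (const part of value.split(";")) {
    const [name, ...sources] = part.trim().split(/\s+/);
    if (name) directives[name.toLowerCase()] = sources;
  }
  return directives;
}

// Return one finding per missing protection in a response's headers.
function auditResponseHeaders(headers) {
  const h = {};
  for (const [k, v] of Object.entries(headers)) h[k.toLowerCase()] = v;
  const findings = [];

  // Character encoding must be declared, not left for the browser to guess.
  const contentType = String(h["content-type"] || "");
  if (/^text\/html/i.test(contentType) && !/;\s*charset=/i.test(contentType)) {
    findings.push("content-type: no charset declared");
  }
  // Every cookie should carry HttpOnly so script code cannot read it.
  for (const cookie of [].concat(h["set-cookie"] || [])) {
    const [pair, ...attrs] = cookie.split(";").map((s) => s.trim());
    if (!attrs.some((a) => a.toLowerCase() === "httponly")) {
      findings.push(`cookie ${pair.split("=")[0]}: missing HttpOnly`);
    }
  }
  // CSP must white-list script sources and not re-allow inline script.
  const csp = parseCsp(String(h["content-security-policy"] || ""));
  const scriptSrc = csp["script-src"] || csp["default-src"];
  if (!scriptSrc) findings.push("csp: script sources not restricted");
  else if (scriptSrc.includes("'unsafe-inline'")) findings.push("csp: script policy contains 'unsafe-inline'");
  return findings;
}

// Constructed sample responses.
const WEAK_RESPONSE = {
  "Content-Type": "text/html",
  "Set-Cookie": ["session=abc123; Path=/", "theme=dark; Path=/; HttpOnly"],
};
const HARDENED_RESPONSE = {
  "Content-Type": "text/html; charset=utf-8",
  "Set-Cookie": ["session=abc123; Path=/; HttpOnly"],
  "Content-Security-Policy": "default-src 'self'; script-src 'self'",
};
```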
Finally, why not install a dedicated web application firewall (WAF)? It acts as an extra layer of protection against XSS vulnerabilities in your software. There are many products that specialize in this, including ModSecurity. It should be used only as an additional layer and should not be relied upon on its own, as ways to bypass it are always being found.