An Introduction to XSS
In this tutorial I will not be going into depth of XSS, I will be covering the explanation of the basic types. This is just an introduction to XSS. This tutorial will just give you a Blue-Print of the topic.
What is XSS ?
So what exactly XSS is..?
XSS stands for Cross Site Scripting. You can also call it is CSS but this will misinterpret a web designer as Cascading Style Sheets, so let it be XSS. In this method the attacker tries to inject a malicious (usually javascript). The attacker then can steal admin-cookies, can setup XSS worm, XSS shell's, etc. XSS are of 2 type's traditionally and other one is DOM's based.
Non-Persistent
Non-presistent is also known as Reflected XSS. It gets reflected as the name suggest. It gets reflected on the page but does not get injected in the page. While doing such attack the should hide his script form his victim.
Persistent
Persistent is also known as Stored XSS. In this type of XSS as the name suggest the malicious code get stored inside the page. So when ever a victim click's on the page, the script get activated and runs the malicious code.
DOM Based
DOM stands for Document-Object Method. In this type of vulnerability occurs while content processing of the document.
Hope you all like this simple tutorial. :D
Post a Comment