Cross Site Scripting (XSS) Attack Types & PreventionVishnu Yash Tripathi
Cross-Site Scripting(XSS) is a popular and vulnerable attack that is known by every advanced tester. It is considered one of the adventurous attacks on web applications and can bring harmful results also. This attack is considered adventurous, because of its ability to damage even less vulnerable technologies.
How XSS is Being Performed:
The Common Cause of XSS:
- Cross-Site Scripting can occur on the client side by executing malicious scripts.
- The fake page or form or advertisement is displayed to the users (where the victim types credentials or clicks a malicious link).
- Malicious emails are sent to the victim with malicious links.
If the below search field is vulnerable then the user can enter any script and it will be executed.
For example, consider the user enters a very simple script as shown below:
As in this Example, the script typed into the search field gets executed. This just shows the
vulnerability of the XSS attack. However, a more harmful script may be typed as well.
Types of Cross-Site Scripting Attacks:
This attack is divided into three main categories which are shown below:
1) Reflected XSS – This attack occurs when malicious scripts are not being saved on the web server but reflected in the website’s results.
2) Stored XSS – This attack occurs when malicious scripts are being saved on the web server permanently.
3) DOM – This occurs, when the DOM environment is being changed without any actual change in DOM itself.
Recommended to Read- Most Popular Automation Testing Tools
How to Test Against XSS?
In order to test against XSS attacks, black box testing can be performed. That means it can be tested without a code review. However, code review is always a recommended practice and it brings up more credible results. From our testing experience, We would like to add that if a good black box testing technique is selected and performed accurately, then we will also be able to identify maximum vulnerabilities.
For Example, a tester may try to type in the browser script
If this script is being executed, then there is a huge possibility that means XSS is possible. Also while testing manually for possible Cross-Site Scripting attacks, it is important to remember, that encoded brackets should also be tried.
XSS Testing Tools:
As Cross Site Scripting test attack is one of the most popular risky attacks, there are many anti-XSS tools to test it automatically. We can find various scanners to check for possible XSS attack vulnerabilities – like, Nessus and Nikto. Both of which are considered quite reliable.
From our experience, we would like to recommend ZAP (Zed Attack Proxy) tool.
Comparison with Other Attacks:
Another thing that makes this attack risky is the possibility to be stored in the web service – this way it can affect many users for a longer period of time. XSS sometimes can be performed on even less vulnerable systems and its vulnerabilities are sometimes difficult to be found.
Ways to Prevent XSS:
Though such a type of attack is considered to be one of the most dangerous and risky ones, so prevention plan should be prepared. Because of the popularity of this attack, there are many ways to prevent it.
Commonly used prevention methods include:
- Data validation
XSS Cheat Sheets
XSS Cheat Sheets can be very useful for cross-site scripting prevention. It is a simple guideline for the developers on how to prevent XSS attacks. The rules are very helpful and should not be forgotten while developing the application. XSS Cheat Sheets can be found in internet communities such as OWASP (The Open Web Application Security Project).
While testing, it is highly recommended to evaluate the risks that bring up possible XSS attacks. XSS attack can affect many web applications that seem to be secure as well. While performing test against XSS, it is important to have good understanding about this attack. It is important to choose the appropriate anti xss testing tools and to analyze testing results correctly.