XSS - Cross Site Scripting Explained

Captions
Welcome to another Virtual Forge security cartoon. This is Cross-Site Scripting, in short XSS, lesson 1.

To see how this XSS attack works we'll look at a sample web application, in this case a platform where users can buy or sell used cars. Of course all communication is encrypted and the web server is protected by a firewall. This application has two use cases.

Bob here wants to sell a car. He will demonstrate use case 1. He sends a request to the server to start the application and receives a list of offers already stored in the database. Since Bob wants to sell his car he doesn't look at the other entries but enters his description and submits it to the server. Please note that Bob is logged on to the system and his session identifier is stored in a so-called cookie. This cookie is sent along with every request in order to maintain the session and keep Bob, or any other user, authenticated. The server receives Bob's ad and stores it in the database along with the other ads, and of course Bob receives a packet from the server containing a notification that his ad was processed successfully.

Alice, on the other hand, wants to buy a car. She will demonstrate use case 2. Every now and then she checks out the current cars on sale. She too is authenticated to the application; her identity too is validated by the server. When she comes back this time the list also includes Bob's new entry. The list of cars is rendered in her browser. Since it's new and interesting, Alice decides to have a closer look at Bob's ad. Please note that part of Bob's ad has syntax highlighting: the phrase "a lot of extras" is bold. So that's how the application is supposed to work. Some people contribute content, others will read it.

Now we need to bring in another player, Mel. Mel is using his lunch break to see if he can hack into some systems and comes across our web server. All good hacking starts with analysis, so Mel first checks out how the application works. Basically he does the same things Alice just did, therefore he receives the same information Alice just did, but he looks at the results differently. Why is there some text written in bold letters? It seems that HTML tags are allowed input. Maybe any HTML tags? Let's see if Mel could exploit that. First he needs a headline that draws attention. Now what if he enters JavaScript code instead of a detailed description for his car? And what if that code would read the cookie of whoever is opening that page and send it to Mel's hacker server? Mel saves his malicious ad to the server and it is processed and stored in the database the same way Bob's ad was before. After this successful little lunch break all Mel has to do is wait, wait for someone else to open his malicious ad.

Alice is taking another opportunity to check out if there are any new entries in the database. Again her identity is validated by the server. Unfortunately for Alice, the new list of cars now includes Mel's cross-site scripting attack. The attack itself is hidden in the description; it will be launched the moment Alice opens the "read more" page. Mel's script is now executed in Alice's browser to read her cookie and send it off to Mel's web server. Basically Mel used the vulnerable car sales web server to spread his attack to other users, in this case to Alice. Mel's server is programmed to immediately send an email to him when any new cookies are delivered. In other words, Mel receives a cookie just a few seconds after it has been stolen. Since Alice's user session is stored in the cookie, Mel just received Alice's current digital identity. All he has to do is load her cookie into his browser, thus impersonating Alice in this web application. Virtually, Mel becomes Alice. With Alice's session Mel can do everything Alice is entitled to do and see everything Alice is entitled to see. With every request Mel sends out, Alice's cookie is now passed on to the server and validated, and since the cookie contains Alice's current session, the server will actually believe the request really came from Alice.

Naturally this is something Alice doesn't want, but she can't do anything about it. She doesn't even know that this is happening.

Let's give you a brief summary. XSS vulnerabilities are easy to spot, easy to exploit and have a high impact on your business security, and that makes them really dangerous.
Info
Channel: Virtual Forge an Onapsis Company
Views: 151,938
Keywords: XSS, Cross Site Scripting, SAP, Security, InfoSec, ABAP, Vulnerability, Software, Hacker, Cyber Security, SAP HANA, Cloud Security, CodeProfiler, Virtual Forge, Cartoon, Software Development, SAP Coding
Id: cbmBDiR6WaY
Length: 7min 24sec (444 seconds)
Published: Thu Apr 20 2017