A cross site scripting attack works in the following manner:

* The attacker identifies a web site that has one or more XSS bugs for example, a web site that echoes the contents of a querystring.
* The attacker crafts a special URL that includes a malformed and malicious querystring containing HTML and scripts such as JavaScript.
* The attacker finds a victim and gets the victim to click on a link that includes the malformed querystring. This could simply be a link to another web page, or a link in an HTML e-mail.
* Once the victim clicks the link, the victim’s browser makes a GET request to the vulnerable server, bypassing the malicious querystring.
* The vulnerable server echoes the malicious querystring back to the victim’s browser, and the browser executes the JavaScript embedded in the response.

Explore More

More Trojan horse for Apple Mac! Is Mac more insecure than windows?

One more malware have been spotted for the Apple Mac machine. This time Trojan.iServices.B which gets into the system, open the backdoor in Mac machines and connect them to a

Read More

What are the various modes of system security testing?

The various modes of system security testing are as follows: 1. Remote network: This mode attempts to simulate an attack launched over the Internet. The primary defenses that must be

Read More

Hackers

Many peoples ask me, what is hacker? I want to be hacker? What What and How How…. Read it. It’s Hacker Attitude. The Hacker Attitude Hackers solve problems and build

Read More