A cross site scripting attack works in the following manner:

* The attacker identifies a web site that has one or more XSS bugs for example, a web site that echoes the contents of a querystring.
* The attacker crafts a special URL that includes a malformed and malicious querystring containing HTML and scripts such as JavaScript.
* The attacker finds a victim and gets the victim to click on a link that includes the malformed querystring. This could simply be a link to another web page, or a link in an HTML e-mail.
* Once the victim clicks the link, the victim’s browser makes a GET request to the vulnerable server, bypassing the malicious querystring.
* The vulnerable server echoes the malicious querystring back to the victim’s browser, and the browser executes the JavaScript embedded in the response.

Explore More

What are the various countermeasures to a buffer overflow?

The countermeasures to a buffer overflow are as follows: * Perform manual auditing of the code. * Stack execution should be disabled. * Take the support of the functions which

Read More

The Internet or Cyber Laws

Internet is a behemoth, cutting across physical country boundaries and accessible to anyone and everyone from any corner of the world. Precisely due to this pervading nature, Internet is not

Read More

Tracing a hacker

> Tracing a hacker > Written by: Paperghost [[email protected]] > 24/02/2005 Sometimes, it’s just not enough to simply know that there’s a Trojan or Virus onboard. Sometimes you need to

Read More