Web application security - the fast guide 1.1 | Page 132
Chapter 6 - Attack execution (2)
[Figure: reflected script attack. The client sends a request to the page with specific input crafted by the attacker, passed through a link as a parameter containing a script. The server hosts a vulnerable page that echoes part or all of the sent input with no sanitization. The response is a page containing the echoed script, which is executed on the client.]
Example:
A. The attacker creates an email containing a link as follows:
alert (‘i am the attack payload’)” >Visit page
B. The echo page generates a page containing the script; the script is
executed and shows the alert. In a real-life example, the payload script can
be a script that automatically sends session cookie information to the
attacker.
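The echo page from the example above, sketched in Python next to a corrected version that HTML-encodes the value before writing it into the response. This is an added illustration, not code from the guide; the host `site.example`, the `/echo` path and the `msg` parameter are assumed names, and the payload is the harmless alert from step A.

```python
import html
from urllib.parse import parse_qs, quote, urlsplit

# Payload text taken from step A of the example (a harmless alert).
PAYLOAD = "<script>alert('i am the attack payload')</script>"

# Constructed sample link: host, path and parameter name are placeholders.
SAMPLE_LINK = "http://site.example/echo?msg=" + quote(PAYLOAD)

PAGE = "<html><body><p>You sent: {}</p></body></html>"


def get_param(url, name):
    """Return the URL-decoded value of one query parameter ('' if absent)."""
    return parse_qs(urlsplit(url).query).get(name, [""])[0]


def echo_vulnerable(url):
    """Echo page as described: the input is copied into the HTML unchanged."""
    return PAGE.format(get_param(url, "msg"))


def echo_hardened(url):
    """Same page, but the value is HTML-encoded before it is written out,
    so the browser renders it as text instead of parsing it as markup."""
    return PAGE.format(html.escape(get_param(url, "msg"), quote=True))


def contains_live_script(page):
    """Demo-only check: did a literal <script> tag survive into the page?"""
    return "<script>" in page.lower()


if __name__ == "__main__":
    for render in (echo_vulnerable, echo_hardened):
        out = render(SAMPLE_LINK)
        print(f"{render.__name__}: live script tag = {contains_live_script(out)}")
        print(out)
```

The encoding used here is correct for text placed in an HTML element body; values written into attributes, JavaScript or URLs need the encoder for that context.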
6.16 Stored script attack
This category of cross-site scripting requires access to shared content that the
attacker can edit, as in the case of public comments, social networks, or
administrators accessing user content.
Attack requirements:
A. The attacker has write access to shared content on a web page, and that
content is stored on the back end.
B. The site holding the shared content does not apply any sanitization before
storing the submitted data.
C. The victim has access to the same web page with the shared content