Web application security - the fast guide 1.1 | Page 132

Chapter 6 - Attack execution (2)

[Figure: The client sends a request to the page with specific input crafted by the attacker (a link parameter containing script). The server's vulnerable page echoes part or all of the sent input with no sanitization. The response carries the page containing the echoed script, and the script is executed on the client.]

Example:

A. The attacker creates an email containing a link as follows: alert('i am the attack payload')">Visit page

B. The echo page will generate the page containing the script, and the script will be executed and show the alert. In a real-life example, the payload script can be a script that sends session cookie information automatically to the attacker.

6.16 Stored script attack

This category of cross-site scripting needs access to shared content that can be edited by the attacker, as in the case of public comments, social networks, or administrators accessing user contents.

Attack requirements:

A. The attacker has write access to shared contents on a web page that will be stored on the back end.

B. The site holding the shared content does not apply any sanitization before storing the submitted data.

C. The victim has access to the same web page with shared contents
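
The echo page from the example above and the shared-content page of 6.16, each shown in its vulnerable form beside a hardened one. This is an added example, not code from the book. The URL, the `name` parameter, the `CommentBoard` class and the function names are hypothetical, and HTML-encoding at output time is the mitigation chosen here for both pages.

```python
import html
from urllib.parse import parse_qs, quote, urlsplit

# Constructed sample input: the page's alert payload carried as a link parameter.
PAYLOAD = "<script>alert('i am the attack payload')</script>"
SAMPLE_URL = "http://site.example/echo?name=" + quote(PAYLOAD)  # hypothetical URL


def _name_param(url):
    """Extract the (hypothetical) 'name' query parameter from the requested URL."""
    return parse_qs(urlsplit(url).query).get("name", [""])[0]


def echo_page_vulnerable(url):
    """Echo the parameter into the response with no sanitization."""
    return "<p>Hello " + _name_param(url) + "</p>"


def echo_page_hardened(url):
    """Same page, with the echoed value HTML-encoded at output time."""
    return "<p>Hello " + html.escape(_name_param(url), quote=True) + "</p>"


class CommentBoard:
    """Shared content kept on the back end and shown to every visitor."""

    def __init__(self):
        self._comments = []  # stands in for the back-end store

    def submit(self, text):
        self._comments.append(text)  # stored exactly as submitted

    def render_vulnerable(self):
        return "".join("<li>" + c + "</li>" for c in self._comments)

    def render_hardened(self):
        return "".join("<li>" + html.escape(c, quote=True) + "</li>" for c in self._comments)


def contains_live_script(page):
    """Check for this sample only: an unencoded script tag is still in the response."""
    return "<script" in page.lower()


if __name__ == "__main__":
    board = CommentBoard()
    board.submit(PAYLOAD)
    for page in (echo_page_vulnerable(SAMPLE_URL), echo_page_hardened(SAMPLE_URL),
                 board.render_vulnerable(), board.render_hardened()):
        print(contains_live_script(page), page)
```

In the stored case the payload is delivered to every later visitor of the page, so the encoding has to be applied on each render of the stored data, not only to the request that submitted it.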