Web application security - the fast guide 1.1 | Page 133

Chapter 6 - Attack execution (2)

[Figure: the attacker submits content to be stored in the backend DB; the victim accesses the page with shared contents, which is poisoned with the attacker's script; the client executes the script embedded in the shared content.]

Attack process:

A. The attacker accesses the vulnerable site and submits content poisoned with JavaScript containing the attack payload.
B. The attack payload might be anything from session-hijacking code that tries to retrieve the document.cookie object to forwarding the victim to a phishing site owned by the attacker.
C. The victim accesses the shared contents and loads the poisoned content.
D. The attack payload script is executed on the victim's machine.

Example: A vulnerable site allows visitors to post answers to a specific question without proper input validation. The attacker uses the fact that no sanitization is done on the submitted questions and sends the following:

Any Text as an answer to the question
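The question-and-answer scenario above, as an added example that is not code from the book: the answers page is rendered once by plain concatenation and once with output encoding, and a small checker lists any markup a browser would treat as executable. The stored answers, the function names and the script string are all constructed for this example; the script string is a harmless stand-in, not the book's payload.

```python
import html
from html.parser import HTMLParser

# Constructed sample data: one ordinary answer and one carrying markup.
# The second string is a harmless stand-in, not the payload from the book.
STORED_ANSWERS = [
    "Use a parameterised query.",
    "Any Text as an answer to the question <script>alert(1)</script>",
]

def render_unsafe(answers):
    """Vulnerable: stored text is concatenated into the page as-is."""
    return "<ul>" + "".join(f"<li>{a}</li>" for a in answers) + "</ul>"

def render_escaped(answers):
    """Hardened: every stored value is HTML-encoded at output time."""
    items = "".join(f"<li>{html.escape(a, quote=True)}</li>" for a in answers)
    return "<ul>" + items + "</ul>"

class ActiveMarkupFinder(HTMLParser):
    """Collects tags and attributes a browser would treat as executable."""
    def __init__(self):
        super().__init__()
        self.findings = []

    def handle_starttag(self, tag, attrs):
        if tag in ("script", "iframe", "object", "embed"):
            self.findings.append(tag)
        for name, value in attrs:
            if name.startswith("on"):  # inline event handlers
                self.findings.append(f"{tag}[{name}]")
            elif name in ("href", "src") and (value or "").strip().lower().startswith("javascript:"):
                self.findings.append(f"{tag}[{name}=javascript:]")

def active_markup(page):
    """Return the executable markup found in a rendered page."""
    finder = ActiveMarkupFinder()
    finder.feed(page)
    finder.close()
    return finder.findings

if __name__ == "__main__":
    print("unsafe :", active_markup(render_unsafe(STORED_ANSWERS)))
    print("escaped:", active_markup(render_escaped(STORED_ANSWERS)))
```

The same checker can run in a regression test against any template that displays user-submitted content, failing the build when a stored value reaches the page unencoded.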