XSS Attacks

coldbugcoldbug Member Posts: 189
Trying to completely understand the differences. I got the Stored Attack right, but can you guys help me if I got the others right.

Stored Attack = malicious script injection into website's forums, databases and other data. (user is not required to click the link for code to be activated. Once the user visits the page, it automatically activates the script.

Reflected Attack = everything above but difference is user must click on the link for script to activate.

CSRF (XSRF)/Sea Surf/Session Riding = tricking the user to execute unwanted action on an application user is logged in.

I can't distinguish the last two.
"If you want to kick the tiger in his ass, you'd better have a plan for dealing with his teeth."

Comments

  • p@r0tuXusp@r0tuXus Member Posts: 532 ■■■■□□□□□□
    via Wikipedia:

    "Cross-site request forgery ... is a type of malicious exploit of a website where unauthorized commands are transmitted from a user that the website trusts.[2] Unlike cross-site scripting (XSS), which exploits the trust a user has for a particular site, CSRF exploits the trust that a site has in a user's browser."
    Completed: ITIL-F, A+, S+, CCENT, CCNA R|S
    In Progress: Linux+/LPIC-1, Python, Bash
    Upcoming: eJPT, C|EH, CSA+, CCNA-Sec, PA-ACE
  • Nik 99Nik 99 Member Posts: 154 ■■■□□□□□□□
    If I've got this right XSRF isn't about tricking the user at all. What happens is that they perform actions they are utterly unaware of. So purchases from a site where they were just browsing without actually buying anything themselves I guess. Do correct me if I'm wrong, this is my interpretation of how this attack is supposed to play out.

    Dunno about the others, they didn't come up in Darriel Gibson's book I think? Though they probably appear in the techexams Sec+ tech notes.

    Edit:ah, got beaten to it =P
  • paul78paul78 Member Posts: 3,016 ■■■■■■■■■■
    XSS and CSRF are different types of vulnerabilities.

    The best way IMO to think about the 2 differences are how the trust between the browser and webapp are exploited.

    XSS - trust by the browser of the webapp is exploited.
    CRSF - trust by the webapp of the browser is exploited.

    There are 3 main types of XSS vulnerabilities:
    1. persistent - sometimes called stored
    2. reflected
    3. dom-based
    Instead of regurgitating the description - my favorite explanation can be found here - https://www.owasp.org/index.php/Types_of_Cross-Site_Scripting

    If you are familiar with basic javascript - a better explanation here - https://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_****_Sheet

    For CSRF - OWASP also has a great explanation here - https://www.owasp.org/index.php/Cross-Site_Request_Forgery_(CSRF)
Sign In or Register to comment.