XSS in error pages

From OWASP

(Revision comment: reverting to last version not containing links to s1.shard.jp)

Latest revision as of 07:50, 3 June 2009


This page was marked to be reviewed for deletion.


#REDIRECT Cross-site Scripting (XSS)





Description

While creating dynamic web pages it is easy to make a mistake. If a generated page depends on data supplied by the client (e.g. the URI, HTTP headers, etc.) and that data is not filtered or encoded sufficiently, the page can be exploited with the XSS technique.

Risk Factors

TBD


Examples

Example 1

Let's assume that we have an error page which handles requests for non-existent pages: the classic 404 error page. We may use the code below as an example that tells the user which page is missing:

<html>
<body>

<?php
// Vulnerable on purpose: the request URI is url-decoded and printed
// into the page with no HTML encoding.
print "Not found: " . urldecode($_SERVER["REQUEST_URI"]);
?>

</body>
</html>

Let's see how it works:

http://testsite.test/file_which_not_exist

In response we get:

Not found: /file_which_not_exist

Now we will try to force the error page to include our code:

http://testsite.test/<script>alert("TEST");</script>

The HTML returned by the server is:

Not found: /<script>alert("TEST");</script>

The browser displays "Not found: /" and executes the injected script, so an alert box appears.

We have successfully injected code: our XSS. What does that mean? For instance, that we may try to steal the user's cookies. Obstacles that may come up when using the XSS technique are:

  • escaping of data entered by the user (e.g. the character " becomes \" after escaping), which breaks payloads that rely on quoted strings,
  • the maximum length of the URI that the HTTP server will accept, which limits the size of the payload.
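The following is an added example, not code from the OWASP page: the 404 handler above rewritten in Python, once mirroring the page's PHP (urldecode() then print, no output encoding) and once hardened with HTML encoding on output, run against constructed request URIs. The sample requests, the function names and the has_live_script() check are assumptions made for this example. It also shows a caveat the page does not spell out: browsers percent-encode "<", ">" and the double quote in the path, so a payload typed into the address bar arrives as %3Cscript%3E, and it is the page's own urldecode() that turns it back into live markup. A non-browser client can still send the characters raw, so the fix is encoding on output (htmlspecialchars() in PHP), not merely dropping urldecode().

```python
# Added example (not the OWASP page's code): the page's 404 handler rendered
# two ways, so the effect of url-decoding and of missing output encoding can
# be checked against constructed requests.
import html
from typing import Dict
from urllib.parse import unquote

# Constructed sample request URIs (not captured traffic):
#  - "benign":  the page's own example of a missing file
#  - "raw":     the payload as a tool such as curl can send it, '<' and '>' unencoded
#  - "encoded": the same payload as a browser sends it, '<', '>' and '"' percent-encoded
SAMPLE_REQUESTS = {
    "benign": "/file_which_not_exist",
    "raw": '/<script>alert("TEST");</script>',
    "encoded": "/%3Cscript%3Ealert(%22TEST%22)%3B%3C/script%3E",
}

# The payload used on the page.
PAYLOAD = '<script>alert("TEST");</script>'


def render_404_vulnerable(request_uri: str) -> str:
    """Mirror of the page's PHP: urldecode() the URI and print it into HTML
    with no output encoding."""
    return "<html><body>\nNot found: " + unquote(request_uri) + "\n</body></html>"


def render_404_hardened(request_uri: str) -> str:
    """Same message, HTML-encoded on output. The URI is echoed as received,
    without url-decoding, so a percent-encoded '<' stays '%3C'; any '<', '>',
    '&' or '"' that is still present becomes an entity, which the browser
    shows as text instead of parsing as markup."""
    return "<html><body>\nNot found: " + html.escape(request_uri, quote=True) + "\n</body></html>"


def has_live_script(body: str) -> bool:
    """Check used only by this example: does the body contain an unencoded
    <script tag that a browser would execute?"""
    return "<script" in body.lower()


def audit(requests: Dict[str, str] = SAMPLE_REQUESTS) -> Dict[str, Dict[str, bool]]:
    """Run every request through both renderers. True means the injected
    script would execute in the browser."""
    return {
        name: {
            "vulnerable": has_live_script(render_404_vulnerable(uri)),
            "hardened": has_live_script(render_404_hardened(uri)),
        }
        for name, uri in requests.items()
    }


if __name__ == "__main__":
    for name, result in audit().items():
        print(f"{name:8s} vulnerable={result['vulnerable']} hardened={result['hardened']}")
```

Note that the hardened renderer does not try to filter or block the payload: it only guarantees that whatever the client sent is rendered as text. That is why the percent-encoded request simply shows up as "%3Cscript%3E" in the hardened page, which is an acceptable, if ugly, error message.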

Related Threat Agents

  • TBD

Related Attacks

Related Vulnerabilities

Related Controls