A cross site scripting attack works in the following manner:

* The attacker identifies a web site that has one or more XSS bugs for example, a web site that echoes the contents of a querystring.
* The attacker crafts a special URL that includes a malformed and malicious querystring containing HTML and scripts such as JavaScript.
* The attacker finds a victim and gets the victim to click on a link that includes the malformed querystring. This could simply be a link to another web page, or a link in an HTML e-mail.
* Once the victim clicks the link, the victim’s browser makes a GET request to the vulnerable server, bypassing the malicious querystring.
* The vulnerable server echoes the malicious querystring back to the victim’s browser, and the browser executes the JavaScript embedded in the response.

Explore More

Huge internet bill? Are you a zombie? How does your computer act as zombie?

Zombie or zombie computers are becoming the number one source of all malware and spam attacks. A zombie is a computer attached to the Internet that has been compromised by

Read More

What are the advantages and disadvantages of honey pots?

Honey pots have several advantages, which are as follows: * Small set of data: Honey pots collect small amounts of data, but almost all of this data is about real

Read More

What Is a Hacker?

Hacker is one of those terms that has a different meaning depending on who uses it. Among programmers, to be a hacker is to be a star. Hackers are programming

Read More