EvilZone

Hacking and Security => Hacking and Security => : Kiuhnm November 19, 2014, 03:46:34 AM

: XSS
: Kiuhnm November 19, 2014, 03:46:34 AM: Where does the name XSS come from? Why "cross-site"?
: Go home, you're obviously drunk.
: Spacecow November 19, 2014, 05:38:51 PM: Do I have to waste time calling you stupid or can I just save the energy and let you figure it out?
www.google.com (http://www.google.com)
: Re: XSS
: Axon November 19, 2014, 06:09:23 PM: It comes from a place far beyond the stars? Seriously. WTF, I've never seen someone ask such question!
: Re: XSS
: Kiuhnm November 19, 2014, 06:46:32 PM: What a bunch of idiots you are.

I also asked on http://security.stackexchange.com/ (http://security.stackexchange.com/) and got a serious answer:

Regarding why it has cross-site in the name, Jeremiah Grossman has a good article (http://jeremiahgrossman.blogspot.com/2006/07/origins-of-cross-site-scripting-xss.html) on that. Snipit below:
<blockquote> What was soon discovered was that a malicious website could load another website into an adjacent frame or window, then use JavaScript to read into it. One website could cross a boundry and script into another page. Pull data from forms, re-write the page, etc. Hence the name cross-site scripting (CSS). Notice the use of "CSS". Netscape fired back with the "same-origin policy", designed to prevent such behavior. And the browser hackers took this as a challenge and began finding what seems like hundreds of ways to circumvent the security.
</blockquote>
Different from what we describe as XSS today, but that appears to be the origin.

If to learn a thing or two I have to put up with dickheads like you then I'm out of here. That's not the kind of community I want to be in.
: Re: XSS
: d4rkcat November 19, 2014, 06:55:40 PM: oh hai bud, I think you were looking for spoonfeedmepleasemommy.com and somehow got that mixed up with evilzone.org
But seriously though, the age old adage applies:
You ask a stupid question, you get a stupid answer.

Also I think people here respect some level of effort into self-learning, and this question tells me you don't want to read anything, and I can only deduce from that that you are not really interested in the material.
Come back when you really want to learn.
Good luck grasshopper. :)
: Re: XSS
: 0E 800 November 19, 2014, 07:56:37 PM: (http://i.imgur.com/kDbBZl1.png)

OP aught to be removed.
So here, here is a dickhead:

(http://www.miamakila.com/blogg/wp-content/uploads/2012/04/tumblrm33a-474x700.jpg)
: Re: XSS
: HTH November 19, 2014, 08:30:28 PM: : Kiuhnm November 19, 2014, 06:46:32 PM
What a bunch of idiots you are.

I also asked on http://security.stackexchange.com/ (http://security.stackexchange.com/) and got a serious answer:

If to learn a thing or two I have to put up with dickheads like you then I'm out of here. That's not the kind of community I want to be in.

Door's that way ------------->

Actually here I'll be nice and provide a relevant link for your question
http://lmgtfy.com/?q=why+is+it+called+XSS&l=1

You'll notice, if you let the animation run it's course, that the very first god damn link, in the very first paragraph, says this:

"The basic idea is that in a vulnerable page, you can include your own javascript (or other) code, which then fetches other code from another site - usually a site that you control, of course. This is why it is called "cross-site" - the script "crosses" sites from your site to the compromised site."

Sure his wording is a bit off, but was that so hard? We don't appreciate answering questions that 4 seconds on google could answer for people.
: Re: XSS
: Kiuhnm November 19, 2014, 09:07:02 PM: : HTH November 19, 2014, 08:30:28 PM
"The basic idea is that in a vulnerable page, you can include your own javascript (or other) code, which then fetches other code from another site - usually a site that you control, of course. This is why it is called "cross-site" - the script "crosses" sites from your site to the compromised site."

Sure his wording is a bit off, but was that so hard? We don't appreciate answering questions that 4 seconds on google could answer for people.

In fact, that explanation is JUST PLAIN WRONG. I had already read that page and realized that it provided the wrong answer. For at least two reasons:
1) <script>alert('XSS')</script> is already a XSS attack and shouldn't be called "cross-site" according to that explanation;
2) experts claim that stored XSS attacks shouldn't be called "cross site". Why?
All that led me to ask my question. I simply chose the wrong forum. My bad :(

Who's the lazy one now?

But that doesn't matter. You just proved that, as a community, don't deserve my respect.
: Re: XSS
: 0E 800 November 19, 2014, 09:35:33 PM: What a jerk.
: Re: XSS
: Spacecow November 20, 2014, 01:50:43 AM: : Kiuhnm November 19, 2014, 09:07:02 PM
But that doesn't matter. You just proved that, as a community, don't deserve my respect.

New stupid quote addition to the signature :) thank you.
: Re: XSS
: Xires November 20, 2014, 04:03:47 AM: : Kiuhnm November 19, 2014, 09:07:02 PM
In fact, that explanation is JUST PLAIN WRONG. I had already read that page and realized that it provided the wrong answer. For at least two reasons:
1) <script>alert('XSS')</script> is already a XSS attack and shouldn't be called "cross-site" according to that explanation;
2) experts claim that stored XSS attacks shouldn't be called "cross site". Why?
All that led me to ask my question. I simply chose the wrong forum. My bad :(

Who's the lazy one now?

But that doesn't matter. You just proved that, as a community, don't deserve my respect.

<script>alert('XSS')</script> may help prove that a site is vulnerable to XSS but that is not an actual attack. Such a script merely shows that the site is vulnerable to permitting renderable code to be passed to the web browser and thus, a user's browser can be made to render code from sources other than the intended website. Technically, this is an exploitation of the trust relationship between the browser and the website.

Consider the possibility of including a script employing jquery or similar to load data from another site entirely. Such things could be ads, frame breakout code, redirection scripts, other forms of browser hijacking, a jquery/ajax based keylogger, Java or Flash based code leading to some other form of exploitation, etc. In this sense, you would be forcing the browser to load data from multiple sites to create a figurative sense of 'crossing' connections. It's kinda lame, but it's the general idea.

What's worse is that such a vulnerability actually permits one site to actually attack another site directly using similar methods(albeit via the browser). In such a case, a client could load a malicious website which then exploits an XSS vulnerability on another website via the browser. It is even possible to eliminate referrer information though that's a bit more tricky. With an attack of this form, it is possible to implement a variety of phishing attacks, using the browser primarily as a means to supplementing the loading & transfer of content between both websites. Some consider this using the browser as proxy but in a rudimentary manner others may consider this to be the epitome of 'XSS'.

It is possible that stored attacks may be 'something else', but that doesn't mean that XSS could not be employed as well. An attack does not have to have a single name and no others. You can use multiple things together, including XSS & SQLi & CSRF, etc. There is no reason to be so limiting as to state that an XSS attack, because it is stored, no longer qualifies as XSS. Perhaps the concept is too vague and needs clearer definition but the point remains that an attack employed using XSS is still an XSS attack, no matter what other additional methods it may use. Think Venn Diagram rather than specific categorization.

Also, you'll want to be careful about your use(and acceptance) of the term 'expert'. It is thrown around far, far too often and many times is used in folly. In your pursuit of Hacking, I strongly suggest that you accept none as an expert and seek instead to make yourself more knowledgeable on any topic that interests you. It is not inconceivable that one could gain a better grasp of numerous topics than what many might consider 'expert-level' knowledge through appropriate research and understanding rather than accepting that someone else is merely 'better'. If you limit yourself to the worship of gods, you hinder yourself and restrain the ability to become one.

Furthermore, your opening question was a trollish lead-in. Had you specified that you had specific reason, such that you did not see how the 'alert' JS code would qualify as appropriate XSS and/or that 'experts' claim stored attacks are not XSS or in any way what-so-ever given more credence to your query as something serious and valid, you wold have received a VERY different response from the community as a whole. Because you deliberately lead with such a post and then follow up with an attack on the character of users and the community as a whole, I must conclude that your intention was to goad people into a flame war or otherwise incite dramatic response of an unfavorable attitude. For this reasoning, I believe it was your behavior(in multiple posts, even on multiple threads) that savors of smegma and thus you are, in fact, the 'dickhead'.
: Re: XSS
: ande November 20, 2014, 08:01:48 AM: Oh Xires. You really do know how to say it sometimes <3