Jump to content


Photo

xss


  • Please log in to reply
4 replies to this topic

#1 Ninjakreborn

Ninjakreborn
  • Members
  • PipPipPip
  • Information Technology Specialist
  • 3,922 posts
  • Age:33

Posted 20 April 2006 - 01:00 AM

I have done a lot of checking around about something called xss, where a malicious user tries to gain access to a database, by malicious means, but I have found nothing on how you can best prevent this, does anyone know, or has someone had an experience with a malicious attacker, using xss, and found a way around it or learnt from it.

------

Business Website: http://www.infotechnologist.biz

Personal Website: http://www.joyelpuryear.com

Blog Site: http://www.realmofwriting.com
Services: Web development, application development, mobile development, and custom development. All services listed on my website.


#2 poirot

poirot
  • Members
  • PipPipPip
  • Advanced Member
  • 646 posts
  • LocationAustin, TX

Posted 20 April 2006 - 01:07 AM

XSS means "Cross Server Scripting", it's when the attacker manages to inject code in a script; a user that views the page will execute the script, which may be used to steal cookies or whatever.
~ D Kuang

#3 Ninjakreborn

Ninjakreborn
  • Members
  • PipPipPip
  • Information Technology Specialist
  • 3,922 posts
  • Age:33

Posted 20 April 2006 - 01:10 AM

so I shoudl then learn xss, and start utlilizing it for the purposes, of preventing people from doing it, the best way to attack an enemy is to know them, so wouldn't I need to know there style in order to help prevent against it.

------

Business Website: http://www.infotechnologist.biz

Personal Website: http://www.joyelpuryear.com

Blog Site: http://www.realmofwriting.com
Services: Web development, application development, mobile development, and custom development. All services listed on my website.


#4 kenrbnsn

kenrbnsn
  • Staff Alumni
  • Advanced Member
  • 8,235 posts
  • LocationHillsborough, NJ, USA

Posted 20 April 2006 - 01:42 AM

xss is not something you want to learn, but you want to learn how to protect against. These days, security needs to be designed into a script from step 1, not put in as an after thought. A good place to start is at the [a href=\"http://phpsec.org/\" target=\"_blank\"]PHP Security Consortium[/a]. Some of the articles found there might be over your head now, but reading them will get you started.

Ken

#5 Ninjakreborn

Ninjakreborn
  • Members
  • PipPipPip
  • Information Technology Specialist
  • 3,922 posts
  • Age:33

Posted 20 April 2006 - 01:56 AM

thanks.

------

Business Website: http://www.infotechnologist.biz

Personal Website: http://www.joyelpuryear.com

Blog Site: http://www.realmofwriting.com
Services: Web development, application development, mobile development, and custom development. All services listed on my website.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users