Ninjakreborn Posted April 20, 2006 Share Posted April 20, 2006 I have done a lot of checking around about something called xss, where a malicious user tries to gain access to a database, by malicious means, but I have found nothing on how you can best prevent this, does anyone know, or has someone had an experience with a malicious attacker, using xss, and found a way around it or learnt from it. Quote Link to comment Share on other sites More sharing options...
poirot Posted April 20, 2006 Share Posted April 20, 2006 XSS means "Cross Server Scripting", it's when the attacker manages to inject code in a script; a user that views the page will execute the script, which may be used to steal cookies or whatever. Quote Link to comment Share on other sites More sharing options...
Ninjakreborn Posted April 20, 2006 Author Share Posted April 20, 2006 so I shoudl then learn xss, and start utlilizing it for the purposes, of preventing people from doing it, the best way to attack an enemy is to know them, so wouldn't I need to know there style in order to help prevent against it. Quote Link to comment Share on other sites More sharing options...
kenrbnsn Posted April 20, 2006 Share Posted April 20, 2006 xss is not something you want to learn, but you want to learn how to protect against. These days, security needs to be designed into a script from step 1, not put in as an after thought. A good place to start is at the [a href=\"http://phpsec.org/\" target=\"_blank\"]PHP Security Consortium[/a]. Some of the articles found there might be over your head now, but reading them will get you started.Ken Quote Link to comment Share on other sites More sharing options...
Ninjakreborn Posted April 20, 2006 Author Share Posted April 20, 2006 thanks. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.