XSS Exploits: Cross Site Scripting Exploits and Defense

XSS is an attack technique that forces a Web site to display malicious code, which then executes in a user's Web browser. Consider that XSS exploit code, typically (but not always) written in Hypertext Markup Language (HTML)/JavaScript (aka JavaScript malicious software [malware]), does not execute on the server. The server is merely the host, while the attack executes within the Web browser. The hacker only uses the trusted Web site as a conduit to perform the attack. The user is the intended victim, not the server. Once an attacker has the thread of control in a user's Web browser, they can do many nefarious acts described throughout this book, including account hijacking, keystroke recording, intranet hacking, history theft, and so on. This section describes the variety of ways in which a user may become XSS'ed and contract a JavaScript malware payload.
For a Web browser to become infected, it must visit a Web page containing JavaScript malware. There are several scenarios for how JavaScript malware could become resident on a Web page.
The Web site owner may have purposefully uploaded the offending code.
The Web page may have been defaced using a vulnerability from the network or operating system layers with JavaScript malware as part of the payload.
A permanent XSS vulnerability could have been exploited, where JavaScript malware was injected into a public area of a Web site.
A victim could have clicked on a specially crafted non-persistent or Document Object Model (DOM)-based XSS link.
To describe...