Time
9 hours 31 minutes
Difficulty
Intermediate
CEU/CPE
10

Video Description

This lesson offers a lab and solution for reflected cross site scripting. Cross site scripting is when invalid information is used in an http response. In this demonstration, the instructor manipulates a table using JavaScript to change prices and quantities for items to purchase online, encouraging users to click and capture the data.

Video Transcription

00:04
Hello and welcome to the side. Very secure coding. Course my name Miss anywhere, and this is AWAS top 10 for 2013.
00:13
A three cross I scripting lab in solution. This is tthe e Web goat reflected cross site scripting solution. This is the lab solution for cross site scripting reflected cross site scripting attacks.
00:31
Now the lesson says it's always good practice to validate all input on the server side. Cross site scripting can occur when a kn validated user input is used in an http response.
00:46
In a reflected cross site scripting, attack
00:49
an attacker king craft to U R L with the attacks script and post it to another website e mail it or otherwise get a victim to click on it
01:00
now in this particular lab. What we're going to do is we're going to manipulate this table
01:10
so that instead of having to pay these prices for each item, we actually want to set the price to be zero, and we want to order a bunch of them
01:23
and we want to pay nothing.
01:25
You know, this is going to be possible because, as the lesson alluded to, there's no input validation being done on the server side as well as
01:38
there is no output in coding that is being done in htp response, which means we can pretty much have our way with with this whole page. And so, in order for you to better understand how they exploit is done,
01:56
I actually have some, uh, some of the code here from the HTML page. So I have if you right, click the page source right, and you search for certain words, you can basically get this table,
02:12
and this table is nothing more than those shopping items. So here's the studio laptop. Ah, notebook case. Another note. Put another note book and a service plan,
02:28
and then you can see the different prices for each etcetera in these air. What we're going to set to zero
02:35
now. What I have crafted here is the actual JavaScript that's going to modify these values
02:43
for the prices to become zero and for the quantity to become
02:49
a lot like the 100,000 items.
02:53
And so I
02:55
I have the JavaScript packed here, but here I've got it written out so you can see.
03:02
Basically, we're looking for the tag name of table data and That is what you see here that I just showed below from the page source.
03:13
And we're going to actually look for the dot because the dot has the dollar amount on. We're going to instead set that to the price of zero
03:24
and then also we're going to look for input. We're actually going to set the value for the quantity from one to be 100,000.
03:37
Okay. And so that's that's how um, the script is going to work. So
03:43
you'll go ahead and copy this
03:47
and we're going to exploit this three digit access code.
03:57
I did have an alert there to let you know that something is happening.
04:03
And so, as you can see, we've successfully changed the price to be zero for each of the items.
04:13
And we've also increased our quantity to be 100,000 of each.
04:18
And we are not getting charged anything on our credit card.
04:24
Now, if you wanted to preserve the original credit card number, you can play around with the scripts, amore. But this basically provides the main basis for understanding the lesson. And of course, we've got we've gotten credit for this

Up Next

Secure Coding

In the Secure Coding training course, Sunny Wear will show you how secure coding is important when it comes to lowering risk and vulnerabilities. Learn about XSS, Direct Object Reference, Data Exposure, Buffer Overflows, & Resource Management.

Instructed By

Instructor Profile Image
Sunny Wear
Instructor