


XSS (Cross Site Scripting) to XML Injection

Category: Security,Web — kamaruddin @ 12:28 pm

Web developers, and everyone else in the web business, must be aware of and keep abreast of the latest threats to servers and applications. Recently, WhiteHat Security released its “Website Security Statistics Report”. In this whitepaper, Cross Site Scripting, a.k.a. XSS, is at the top of “The Top Ten Vulnerabilities”. SQL Injection is 5th. XSS surpasses SQL injection because lots of people do not realize, or take lightly, its impact. XSS exposes internet users to remote access and data theft. Generally, it’s also a lot of work (compared to sanitizing your database input) to audit your code, examine it and test whether it’s vulnerable.

And then The Spanner showed us an XML Injection POC. The vulnerable browsers are Firefox and Opera. Hope they’re fixing it in the next release. Surprisingly, IE7 is NOT vulnerable.

The proof of concept shows that XML is exploitable, with the possibility of cookie stealing and/or redirection to an evil site.

Here’s the code:

Screenshot of XML Injection in FF2, Opera and IE7

XML Injection in Firefox 2

XML Injection in Opera 9.23

