MakeWebGames

Posted

Greetings MWG users

I am learning about XSS attacks and how to secure against them. I would be grateful if any user could give me an example of an unsecure and then a secure example of this type of attack.

Preferably a login page example.

I am not asking anyone to fix my code, because I want to learn how to do so myself; I am just looking for an example of how an unsecure one would look compared to a secure one. :)

Regards all

Posted
I'm not sure what you mean by an unsecure and secure example of XSS.

A login page would not likely be a target of XSS because the user login data is never displayed in the browser.

I have written an article on XSS, maybe you will find it helpful: http://www.webgamewiki.com/XSS

Thanks, that was helpful, but what I meant about the login page was: can't the cookies that are displayed on the login page get stolen?

Example:

These JavaScript codes are in my login page; is it possible for someone to steal cookies from these JavaScript vars? I am fairly new to this so it's a bit hard for me to understand, and thanks again mate for your help.

The code

<script language="JavaScript">
<!--

function getCookieVal (offset) {
 var endstr = document.cookie.indexOf (";", offset);
 if (endstr == -1)
   endstr = document.cookie.length;
 return unescape(document.cookie.substring(offset, endstr));
}
function GetCookie (name) {
 var arg = name + "=";
 var alen = arg.length;
 var clen = document.cookie.length;
 var i = 0;
 while (i < clen) {
   var j = i + alen;
   if (document.cookie.substring(i, j) == arg)
     return getCookieVal (j);
   i = document.cookie.indexOf(" ", i) + 1;
   if (i == 0) break;
 }
 return null;
}
function SetCookie (name,value,expires,path,domain,secure) {
 document.cookie = name + "=" + escape (value) +
   ((expires) ? "; expires=" + expires.toGMTString() : "") +
   ((path) ? "; path=" + path : "") +
   ((domain) ? "; domain=" + domain : "") +
   ((secure) ? "; secure" : "");
}

function DeleteCookie (name,path,domain) {
 if (GetCookie(name)) {
   document.cookie = name + "=" +
     ((path) ? "; path=" + path : "") +
     ((domain) ? "; domain=" + domain : "") +
     "; expires=Thu, 01-Jan-70 00:00:01 GMT";
 }
}
// -->


</script>
<script language="JavaScript">
var usr;
var pw;
var sv;
function getme()
{
usr = document.login.username;
pw = document.login.password;
sv = document.login.save;

if (GetCookie('player') != null)
{
	usr.value = GetCookie('username')
	pw.value = GetCookie('password')
	if (GetCookie('save') == 'true')
	{
		sv[0].checked = true;
	}
}

}
function saveme()
{
if (usr.value.length != 0 && pw.value.length != 0)
{
	if (sv[0].checked)
	{
		expdate = new Date();
		expdate.setTime(expdate.getTime()+(365 * 24 * 60 * 60 * 1000));
		SetCookie('username', usr.value, expdate);
		SetCookie('password', pw.value, expdate);
		SetCookie('save', 'true', expdate);
	}
	if (sv[1].checked)
	{
		DeleteCookie('username');
		DeleteCookie('password');
		DeleteCookie('save');
	}
}
	else
{
	alert('You must enter a username/password.');
	return false;
}
}

</script>

Posted

Cookies are stored on your computer, so no person on one computer can steal another person's login info on another computer from that.

All that does is save your username and password so you don't have to retype it every time you're logged out, which is not really needed anymore because most good browsers have save-password options built in.

Posted

Yes, cookies are stored on the player/user computer; however, the browser sends them for EACH request (page, images, JS, CSS files and whatever else) it's doing. So if you store a cookie containing a plain password, everyone between the server and the player will be able to see it with packet sniffing tools (tools like this: http://www.wireshark.org/).

There are 2 ways to solve that:

- Use HTTPS, where nothing is passed in plain text.

- Encrypt the data (either with an asymmetric key, or store it in a hash).

The first option is the easiest to implement and it's the one used by banks, paypal and others.

For the second one, you can check the zap engine, and see how I implemented it.
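
The exposure discussed in this thread, as an added example that is not part of any of the posts above: a small audit that compares the cookie the login page's SetCookie call writes with a server-issued session cookie. The function names parseCookie and auditCookie and all cookie values are assumptions made for the illustration; Secure and HttpOnly are standard cookie attributes.

```javascript
// Added example. Cookie strings below are constructed sample data.

// Split a cookie string (as written to document.cookie or sent in a
// Set-Cookie header) into its name, value and attribute names.
function parseCookie(str) {
  const [pair, ...attrs] = str.split(";").map((s) => s.trim());
  const eq = pair.indexOf("=");
  const flags = new Set(attrs.filter(Boolean).map((a) => a.split("=")[0].toLowerCase()));
  return { name: pair.slice(0, eq), value: pair.slice(eq + 1), flags };
}

// List the ways a cookie's value is exposed. setByScript is true when the
// cookie was created through document.cookie, as the login page's SetCookie does.
function auditCookie(str, setByScript) {
  const c = parseCookie(str);
  const findings = [];
  if (!c.flags.has("secure")) {
    findings.push("sent on plain HTTP requests, visible to a packet sniffer");
  }
  // A cookie written through document.cookie cannot carry HttpOnly.
  if (setByScript || !c.flags.has("httponly")) {
    findings.push("readable through document.cookie, so exposed to injected script");
  }
  if (/^(password|passwd|pw)$/i.test(c.name)) {
    findings.push("holds the credential itself rather than a session token");
  }
  return { name: c.name, findings };
}

// What SetCookie('password', pw.value, expdate) on the login page produces.
const scriptSet = "password=s3cret-example; expires=Thu, 01 Jan 2026 00:00:00 GMT";
// A server-issued session cookie with a random token (hypothetical value).
const serverSet = "session=9f2c1e7a5b; Path=/; Secure; HttpOnly; SameSite=Lax";

for (const [str, byScript] of [[scriptSet, true], [serverSet, false]]) {
  const { name, findings } = auditCookie(str, byScript);
  console.log(name + ": " + (findings.length ? findings.join("; ") : "no findings"));
}
```
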
