Week 5 – XSS

{loadposition adposition4}

{loadposition adposition5}Overview

Cross site scripting (XSS) is an attack vector that targets vulnerable web applications hosted on web sites. The attack involves injecting malicious scripts into a web page through the vulnerable web application like a comment system, blog, guestbook or login form. Once the malicious script is embedded into the web page it will execute when visitors visit the infected web page.   

Week 5 Assignment

For this lab, you will need to set up an environment to practice simple XSS attacks. This will involve installing a webserver, a database server, and a vulnerable web application and web pages. Once the server environment is set up on your lab XP client you will practice the attacks using your BackTrack distro.

Click here for detailed instructions and some video tutorials: XSS with a Vulnerable WebApp

Author: Dan

Dan teaches computer networking and security classes at Central Oregon Community College.

Leave a Reply

Your email address will not be published. Required fields are marked *