Thursday, September 18, 2014

Cross-Site Scripting (XSS) Vulnerability

Cross-site scripting (XSS) is a type of computer security vulnerability typically found in Web applications. Cross-Site Scripting (XSS) attacks are a type of injection, in which malicious scripts are injected into trusted web sites. 

Cross-site Scripting (XSS) is generally believed to be one of the most common application layer hacking techniques.

XSS is the hacking technique that leverages vulnerabilities in the code of a web application to allow an attacker to send malicious content from an end-user and collect some type of data from the victim.

An attacker can use XSS to send a malicious script to an unsuspecting user. The end user’s browser has no way to know that the script should not be trusted, and will execute the script. Because it thinks the script came from a trusted source, the malicious script can access any cookies, session tokens, or other sensitive information retained by the browser and used with that site. These scripts can even rewrite the content of the HTML page.

There are three types of XSS Attacks :
  • Stored/Persistent XSS

Stored XSS generally occurs when user input is stored on the target server, such as in a database, in a message forum, visitor log, comment field, etc. And then a victim is able to retrieve the stored data from the web application without that data being made safe to render in the browser.
  • Reflected/Non-Persistent XSS

Reflected XSS occurs when user input is immediately returned by a web application in an error message, search result, or any other response that includes some or all of the input provided by the user as part of the request, without that data being made safe to render in the browser, and without permanently storing the user provided data.
  • DOM Based XSS


It is an XSS attack wherein the attack payload is executed as a result of modifying the DOM “environment” in the victim’s browser used by the original client side script, so that the client side code runs in an “unexpected” manner. That is, the page itself (the HTTP response that is) does not change, but the client side code contained in the page executes differently due to the malicious modifications that have occurred in the DOM environment.

Few of the popular websites vulnerable to XSS which I found out while browsing into these websites. I reported the issues to the respective websites support and security team. They have fixed the issue after that.

1. www.thefind.com

    Vulnerable Parameter: query

XSS vulnerability
XSS in www.thefind.com
2. www.timesdeal.com

    Vulnerable Parameter: searchname

XSS Vulnerability
XSS in www.timesdeal.com
3. www.tradus.com

XSS Vulnerability
XSS in www.tradus.com
4. www.redbus.in

   Vulnerable URL parameters: "fromCityName" and "toCityName".

XSS Vulnerability
XSS in www.redbus.in

How to Determine If You Are Vulnerable


XSS flaws can be difficult to identify and remove from a web application. The best way to find flaws is to perform a security review of the code and search for all places where input from an HTTP request could possibly make its way into the HTML output.

How to Protect Yourself

  • Contextual output encoding/escaping of string input
  • Safely validating untrusted HTML input

Tuesday, September 9, 2014

Night trekking @ Skandagiri Hills

Skandagiri Hill is situated in Chikballapur district of Karnataka, which is approximately 70 km from Bangalore. Skandagiri is also known as Kalavara Durga. The peak is at an altitude of about 1350 metres.

It was an amazing adventurous night trekking experience. We were a group of three friends and joined a group of five law students at the base. 

One of the ancient and oldest mutt of Karnataka - Papagni Mutt is located at the base.

Skandagiri trek is a moderately difficult trek, but if you are trekking in night you need to be extra cautious.

We started our journey towards the zenith at around 1:45 AM. It was a beautiful night with a bit strong breeze and a very light drizzle. Stretches were a bit slippery due to the rain. So, we were climbing slowly and cautiously, relaxing after every 15-20 minutes of climb. 

Finally we reached at the top and it took around 3 hours, for us, to reach to the top. 

We stayed there for quite some time ( around 3 hours) - enjoyed the Campfire, hot maggie and tea, which we bought from the local shop, run by the villagers, present there.

In morning, it was very cloudy and visibility was very less. So, we didn't get a chance to witness the beautiful sunrise. :(

Things to carry for this trek:
  1. One LED Torch (fully charged) per person – It’s a must and don't rely on your phone’s torch.
  2. Shoes with good grip.
  3. Water, energy drinks and light snacks.
  4. Warm clothes
  5. First aid kit and medicines, knife and stick
  6. Mats, Rain coat(good to have if it's rainy season).
  7. A strong backpack to carry all these things.
How to Reach Skandagiri Hills from Bangalore :
  • If going on your personal vehicle, then follow the Kempegowda International Airport, better known as Bellary Road (NH 7). After crossing BIA take the diversion to Chikballapur. Travel time would be around 1 and half hours.
  • Take KSRTC bus from Platform number 11 at Majestic KSRTC Bus Station. Ticket fare is Rs. 57 and It takes around 1 and half hours to reach Chikballapur Bus Stand. From there, either you can take auto to reach to the base of Skandagiri hills.

It would be nice if you carry a good camera and GPS enabled smartphone.

There is a shop at the top in one of the fort structures which has the ganesha temple inside it. They sell maggie, tea, camp fire, water bottles at almost 4 or 5 times the market price.

Some Pics (From my moto g) :

Beginning of the Trek
It's the Beginning
At the Top of Skandagiri Hills
At the Top of Skandagiri Hills
Fighting with the Winds
Fighting With the Winds
Three Idiots
Three Idiots
Abhishek Singh - Tashan
TASHAN
I am at the Horizon
I am at the Horizon 
Kishore in Tashan Returns @Skandagiri Hilss
Tashan Returns
Skandagiri Hills
Skandagiri Hills


I am The King of This City @Skandagiri Hills
I am The King of This City


@Skandagiri Hills

Wednesday, July 9, 2014

Dynamically Add/Remove Rows in HTML Table Using Javascript

Following code snippet will show how to dynamically add/remove rows in Table using simple HTML and Javascript :

Source Code :
 HTML Table :  
   
 <table cellspacing=0 cellpadding=0 border=0 border-spacing=10px id="attributes_configuration_table">  
   <thead>    
     <tr>          
       <th><b>Name</b></th>             
       <th><b>Value</b></th>    
     </tr>  
   </thead>  
   <tbody>    
       <tr id="row_1">          
       <td>            
         <input type="text" name="attribute_name_1" id="attribute_name_1" style="margin-right:10px" autocomplete="off">                  
     </td>              
       <td>            
         <input type="text" name="attribute_value_1" id="attribute_value_1" style="margin-right:10px" autocomplete="off">          
       </td>        
       <td><input class="new_button" id="+" name="+" onclick="addTableRow('attributes_configuration_table')" type="button" value="+">  
       </td>    
     </tr>  
   </tbody>  
 </table>  

JavaScript :
 var counter = 1;  
 function addTableRow(TableId) {  
   var table = document.getElementById(TableId);  
   counter++;  
   var rowCount = table.rows.length;  
   var row = table.insertRow(rowCount);  
   row.id = 'row_' + counter;  
   
   var cell1 = row.insertCell(0);  
   var element1 = document.createElement("input");  
   element1.type = "text";  
   element1.autocomplete = "off";  
   element1.name="attribute_name_" + counter;  
   cell1.appendChild(element1);   
   
   var cell2 = row.insertCell(1);  
   var element2 = document.createElement("input");  
   element2.type = "text";  
   element2.autocomplete = "off";  
   element2.name="attribute_value_" + counter;  
   cell2.appendChild(element2);  
       
   var cell3 = row.insertCell(2);  
   var newButton    = document.createElement("input");  
   newButton.className = "new_button";  
   newButton.type   = "button";  
   newButton.value   = '-';  
   newButton.onclick  = removeRow;  
   cell3.appendChild(newButton);  
 }  
   
 function removeRow (id) {  
   var rowNode = this.parentNode.parentNode;  
   // Delete this node  
   rowNode.parentNode.removeChild(rowNode);  
 }  

Live Demo