Cross-site scripting viruses and worms – a new attack vector
- Author: Wade Alcorn
- Publisher: Elsevier Science
- Year: 2006
- Language: English
- File size: 84 KB
- Volume: 2006
- Category: Article
- ISSN: 1353-4858
Synopsis
XSS VIRUSES
This vector uses self-propagating code to create the newest virus breed. It exhibits some of the phenotypes of the conventional computer virus with a new underbelly that makes it platform-independent.
Current web application trends will make XSS viruses more of a headache for overworked system administrators. Anyone even vaguely aware of Internet trends will know of the push for more and more web-based applications. We have already seen a few clever applications appear in the area of document processing. This trend is utilizing new technologies, such as AJAX. The expanding functionality, increasing sophistication and adoption of new technologies within web-based applications have led to an inevitable consequence. Issues once thought to be low impact have gained in significance. Recently, MySpace discovered this the hard way.
Conventional Cross-site Scripting
The appearance of cross-site scripting occurred a tech-sector generation ago. This vulnerability allows code to be injected into web sites with the aim of being parsed and/or executed by web browsers. Traditionally, cross-site scripting issues have been considered to exist in one communication channel: server-to-client. This article will not explore the details of XSS, as there are ample resources on the web that cover the issues adequately. However, as a quick overview, XSS can be divided into two categories: permanent and non-permanent. Non-permanent XSS is returned immediately and doesn't remain on the server. Permanent XSS, by contrast, remains on the server and is returned to any browser requesting the injected page.