XSS - Possible measures

I understand that there are some tools like Nessus and Nikto that would help detect such attacks. I have no idea about them though. Just came across these stuffs and hence though of sharing the same.

Following is a shame less copy and paste. Again just wanted to share what I read.

How to Protect Yourself

The primary defenses against XSS are described in the OWASP XSS Prevention Cheat Sheet.

Also, it's crucial that you turn off HTTP TRACE support on all webservers. An attacker can steal cookie data via Javascript even when document.cookie is disabled or not supported on the client. This attack is mounted when a user posts a malicious script to a forum so when another user clicks the link, an asynchronous HTTP Trace call is triggered which collects the user's cookie information from the server, and then sends it over to another malicious server that collects the cookie information so the attacker can mount a session hijack attack. This is easily mitigated by removing support for HTTP TRACE on all webservers.

The OWASP ESAPI project has produced a set of reusable security components in several languages, including validation and escaping routines to prevent parameter tampering and the injection of XSS attacks. In addition, the OWASP WebGoat Project training application has lessons on Cross-Site Scripting and data encoding.

And I guess you can get more ideas on the possible ways by which you can be exploited in http://ha.ckers.org/xss.html.

Hope this helps :)

XSS Cross-site scripting makes me worry

The concept of cross site scripting rang a bell inside me a long time ago. I was kind of wary about it and I even learnt to perform it. Hey I am not a hacker, dont start getting ideas already. Its just that I am curious and feel very happy to experiment stuffs the safe way as most of us prefer to do. Recently I came across a nice post about it in https://www.owasp.org/index.php/Cross-site_Scripting_(XSS).

It was very informative and very useful. I am getting newer ideas even when I am typing this one down. All stuffs posted in the site are basic and clean, but opens up my mind to a lot of potentially harzardous methods, if employed by some one against my sites, would be a massacre.

By my thoughts some of the stuffs that bothers me about how XSS may affect us are

1.
<html>
<body>

<? php
print "Not found: " . urldecode($_SERVER["REQUEST_URI"]);
?>

</body>
</html>

2.
http://testsite.test/<script>alert("TEST");</script>

3.<%...
Statement stmt = conn.createStatement();
ResultSet rs = stmt.executeQuery("select * from emp where id="+eid);
if (rs != null) {
 rs.next();
 String name = rs.getString("name");
%>

Employee Name: <%= name %>
where name can be an XSS Hack

You can steal user session cookie etc.. and a lot more of such examples can be made

Most of the times when I am into serious mind wrecking program issues, all I would need was one loop hole, however small it may be, and I would fix the issues. I will just get what ever I want out of it.

All I did here was 10 minutes of thinking about what can I do with XSS. And I already got a lot of options.

Worst case, if I could understand a browser, which I definelty can if I spend a couple of months may be, I my self can do idiotic stuffs. So what can a full time hacker be capable of. Hope I dont get a cyber attack. This is scary