Page 87 - Hands-On Bug Hunting for Penetration Testers
Unsanitized Data – An XSS Case Study Chapter 4
Summary
This chapter covered the different types of XSS attacks, the anatomy of an XSS snippet,
and extending Burp Suite with XSS Validator to confirm successful injection attempts.
We also looked at using Google Gruyere as a teaching aid and testing ground, and
reported an XSS vulnerability from start to finish, including how to document your report
and a sample submission.
Questions
1. What are the different principal types of XSS?
2. Which XSS varieties are most dangerous/impactful?
3. What's the value of XSS Validator as an extension?
4. What does the phantomjs server do?
5. How do you select payloads for fuzzing in Burp Intruder?
6. What are the most important things to include about XSS in your submission
report?
7. What's a worst-case attack scenario for a hacker who's found an XSS bug to
exploit?
8. Why is including an attack scenario in your report submission important?
Further Reading
You can find out more about some of the topics we have discussed in this chapter at:
XSS Filter Evasion Cheat Sheet: https://www.owasp.org/index.php/XSS_Filter_Evasion_Cheat_Sheet
XSS Challenges: https://xss-quiz.int21h.jp/
XSS Game: https://xss-game.appspot.com/