Reflective XSS solution needed.

  • Question

  • User953931160 posted

    Hi,

    I am working on solving security issues related to reflective XSS and I needed a solution to protect my application from getting attacked by reflective XSS.

    Does anyone have the MSI file or DLL of the Security Runtime Engine? I think this may help me to solve my issue.

    Please let me know if anyone can help me with the DLL or any other solution which can help me to protect my application from reflective XSS.

    Regards,

    Santosh Kumar Dash

    Thursday, August 21, 2014 4:01 AM

Answers

  • User-760709272 posted

    Security has to be thought about while you are developing your application, in everything you do. If you write a website without thinking about security, then want to go back and "make it secure", you're going to have a long and tough job. There is no magic setting or library or anything that will make your site secure, otherwise the net would be a lot safer than it is. You have to first understand the vulnerability you're protecting against, then for every single page, and every place you display output, you have to work out if that bit of code is vulnerable, and if it is then fix it. For XSS it is normally fixed by using Server.HtmlEncode(dataToWrite) rather than just writing the data out. If you're using Razor then this task is easier as it encodes by default.

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Thursday, August 21, 2014 6:42 AM
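
The output encoding recommended in this answer, shown as an added example that is not code from the thread: one request value is written unencoded, then written again with the encoder that matches each place it lands (HTML text, attribute value, URL parameter, script string). The parameter name `msg`, the markup, the method names and the sample query string are assumptions constructed for illustration.

```csharp
using System;
using System.Web; // HttpUtility: System.Web.dll on .NET Framework, built in on .NET Core / .NET 5+

static class ReflectedOutputDemo
{
    // Vulnerable form: the request value is concatenated into markup unchanged,
    // so any markup it contains becomes part of the page.
    static string RenderUnsafe(string msg)
    {
        return "<p>Could not open: " + msg + "</p>";
    }

    // Hardened form: every sink gets the encoder for its own output context.
    static string RenderSafe(string msg)
    {
        return
            // HTML element content
            "<p>Could not open: " + HttpUtility.HtmlEncode(msg) + "</p>\n" +
            // Quoted HTML attribute value
            "<input name=\"q\" value=\"" + HttpUtility.HtmlAttributeEncode(msg) + "\" />\n" +
            // Query-string parameter inside a link
            "<a href=\"/Default.aspx?msg=" + HttpUtility.UrlEncode(msg) + "\">retry</a>\n" +
            // JavaScript string literal (second argument adds the surrounding quotes)
            "<script>var last = " + HttpUtility.JavaScriptStringEncode(msg, true) + ";</script>";
    }

    static void Main()
    {
        // Constructed sample request; 'msg' is a hypothetical parameter name.
        var query = HttpUtility.ParseQueryString(
            "msg=%3Cscript%3Ealert(1)%3C%2Fscript%3E%22%20onmouseover%3D%22x");
        string msg = query["msg"]; // decoded, attacker-controlled text

        Console.WriteLine("--- unencoded ---");
        Console.WriteLine(RenderUnsafe(msg));
        Console.WriteLine("--- encoded per context ---");
        Console.WriteLine(RenderSafe(msg));
    }
}
```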
  • User-1151753377 posted

    Hi santosh0288,

    According to your description, I know you want to protect your application from reflective xss.

    As far as I know, if you want to prevent the cross-site scripting, please refer to steps below:

    Step 1. Check that ASP.NET request validation is enabled.

    Step 2. Review ASP.NET code that generates HTML output.

    Step 3. Determine whether HTML output includes input parameters.

    Step 4. Review potentially dangerous HTML tags and attributes.

    Step 5. Evaluate countermeasures.

    Something about the MSI file:

    http://www.frontmotion.com/Firefox/download_firefox.htm

    More information about the XSS, please refer to the links below:

    http://msdn.microsoft.com/en-us/library/ff649310.aspx

    https://www.owasp.org/index.php/Cross-site_Scripting_(XSS)

     

    If you have any other questions, please feel free to post in this forum.

    Best Regards,

    Summer

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Thursday, August 21, 2014 10:54 PM

All replies

  • User953931160 posted

    Hi AidyF,

    Thanks for the reply.

    I am not having issues with stored XSS; that part is good. As you mentioned, we are already using Server.HtmlEncode as well as Server.UrlEncode wherever it is necessary.

    Where I am having the problem is when a URL is sent from a web browser to the server (for example: http://localhost:56683/Default.aspx) and, in between, by using a proxy server (Burp Suite), we interrupt the request and change the URL (for example:

    http://localhost:56683/Default.aspx?_TSM_HiddenField_=ctl00_ScriptManager1_HiddenField&_TSM_CombinedScripts_=%3b%3bAjaxControlToolkit%2c%20Version%3d3.5.40412.0%2c%20Culture%3dneutral%2c%20PublicKeyToken%3d28f01b0e84b6d53e%3aen-US%3afbed34b8-cd7b-4bfb-945f-ed9790d8e176%3a5546a2b%3a475a4ef5%3ad2e10b12%3aeffe2a26%3ab209f5e59) and remove the Accept-Encoding header; then it will go and hit the server and send us the response, as well as running the script injected into the URL by the proxy server.

    Since the URL content is changed, it is redirecting to the error page, but it is not preventing the JavaScript which is injected into the URL from getting executed.

    I want to prevent any JavaScript injected into the URL from getting executed.

    Regards,

    Santosh Kumar Dash

     

    Thursday, August 21, 2014 7:11 AM