I Haven't posted in a while, I hope you like the slight design changes! In this post I will just give examples of a few simple potential cross site scripting scenarios. The idea is to give people a better understanding of how they work, so they can prevent themselves from being affected in future. Awareness is key! It's also useful to learn how these attacks may be hidden or obfuscated.
As XSS is very common, not too difficult to find (hopefully my past posts prove this) and, you don't need to know a whole lot more than simple javascript or html to potentially exploit them. I feel this is a good place to start exploring if you are interested in web application security.
Here are a few simple ideas and attack scenarios I have thought of and explored. I recently joined twitter. I'm not sure what drove me to but... WOW, I'm surprised at what I've found. It's a malicious attackers dream come true. Thanks to #trending topics it's very easy to expose a mass number of people through the simplest of social engineering attacks ("#OMG LATEST UPDATE!
Everyone should be aware of the risks involved in social media at this stage. Mass exposure to vulnerabilities and scams in an extremely short time period. Bringing people closer together online makes larger groups easier to target. It also means an xss vulnerability on a well known site (something like youtube or facebook) could have catastrophic results. Phishing is rampant and we hear about massive botnets being exposed all of the time. Imagine how many there are we don't know of. The problem with xss is that it's stealthy and in a lot of scenarios it's possible to get code execution without the victim being any wiser.
Since you can call javascript from a remote location, it is possible to abuse anywhere you can host raw text. This could provide a layer of obfuscation for the attacker. Using the raw format of web apps such as Pastebin.com or . It is also possible to make these delete themselves after a time interval.
There are many tools out there to assist attackers with mass xss also, such as beef and xssShell, creating armies of zombie browsers at the attackers fingertips. Using these there are hundreds of easy to use methods of further compromising your browser/information/computer at the attackers whim. Quick example of xssShell/Beef:
No web browser is safe from attack either, despite what people may think of chrome's xss mitigation features. An attack string in the url of will work in both firefox and chrome. (If this string isn't effected by application logic). Another thing I found that commonly happens is one attack vector resulting in multiple popups. This means if the attacker uses */alert(1);