Jim is a computer science student who has experience conducting XSS attacks. He comes across a web forum where people can anonymously comment on college students. In this forum, people upload a picture of a student along with a message.
Jim sees a bad picture of himself with a mean message. The person who uploaded it was not aware that Jim was able to carry out XSS attacks.
Upset by the mean post made about him, Jim decides to attack the website as an act of revenge.
After inspecting the website, he notices that the image URL is output with innerHTML, and that whatever the user enters as the image URL ends up as the source (src) attribute of the image element. Jim manipulates the image URL so that it changes this element a little.
He starts by inputting an invalid image URL. He adds a double quote at the end of the URL, effectively closing off the source attribute. Now he can add a new attribute, and since all of this will be interpreted as HTML, this is one way of attacking the website. Jim adds the onerror attribute. By using an invalid URL, Jim can force the loading process to fail, and the onerror attribute is where Jim can add his JavaScript code.
After Jim continuously attacked the website in this manner, the website had to be taken offline.
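
The flaw in this scenario, shown next to a hardened form. This is an added example, not the forum's actual code: the function names and the sample input are assumptions. It goes slightly beyond the text by escaping the message as well as the image URL.

```javascript
// Added example; function names are hypothetical, not from the forum described above.
const ALLOWED_PROTOCOLS = new Set(["http:", "https:"]);

// Encode the characters that can end an attribute value or start a tag.
function escapeHtml(value) {
  return String(value)
    .replace(/&/g, "&amp;")
    .replace(/</g, "&lt;")
    .replace(/>/g, "&gt;")
    .replace(/"/g, "&quot;")
    .replace(/'/g, "&#39;");
}

// Pattern described in the text: user input is concatenated into markup
// that is later assigned to innerHTML.
function renderPostUnsafe(imageUrl, message) {
  return '<img src="' + imageUrl + '"><p>' + message + "</p>";
}

// Accept only absolute http(s) URLs and return the parser's normalized form.
function safeImageUrl(raw) {
  let url;
  try {
    url = new URL(raw);
  } catch {
    return null; // not a parseable absolute URL
  }
  return ALLOWED_PROTOCOLS.has(url.protocol) ? url.href : null;
}

// Hardened form: validate the URL, then escape everything placed in markup.
function renderPostSafe(imageUrl, message) {
  const src = safeImageUrl(imageUrl);
  const img = src ? '<img src="' + escapeHtml(src) + '" alt="">' : "";
  return img + "<p>" + escapeHtml(message) + "</p>";
}

// Constructed input: a double quote followed by a harmless marker attribute.
const sample = 'https://img.invalid/x.png" data-injected="1';
console.log(renderPostUnsafe(sample, "hi")); // marker becomes a real attribute
console.log(renderPostSafe(sample, "hi"));   // marker stays inside src
```

In a browser, building the element with `document.createElement("img")`, assigning `img.src`, and setting the message through `textContent` avoids assembling markup from user input at all.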