
Let's say someone rooted a site, is it possible for the attacker to do XSS via


Question

Let's say someone rooted a site. Is it possible for the attacker to do XSS via document.cookie? Instead of giving the user a name=value, the attacker does something like name=<script>document.alert(1)</script>, and it will be stored in the user's browser as a cookie; when he visits the site it will execute. Is this possible, or am I just way off? So is it possible to store some kind of VBScript/JavaScript exploit in a user's cookie? Or is that totally not possible? I know there are different ways an attacker can approach this if he rooted the site, but I'm wondering specifically about cookies in users' browsers and their capability to store code and attack the client. Is this a possibility or a myth?

Explanation / Answer

A prerequisite to such an attack would be that the vulnerable web application presents the unescaped document.cookie on a page, and you have to be able to set the client's cookie (XSS vulnerability).

With a combination of these two vulnerabilities, you should be able to enable a persistent XSS attack - given that the server does not reset the cookie.
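As an added example (not code from the question or the answer above), this shows the first prerequisite the answer names: a page that echoes the `name` cookie from the question into its HTML. It renders the cookie once unescaped, which is the vulnerable reflection, and once HTML-escaped, which is the fix. The page layout, function names, and the sample cookie string are assumptions made for the example.

```javascript
// Added example (not from the original post): how a cookie value becomes
// stored XSS when echoed into HTML unescaped, and how escaping removes it.

// parseCookies: parse a document.cookie / Cookie header string into a map.
function parseCookies(cookieString) {
  const jar = {};
  for (const part of cookieString.split(';')) {
    const idx = part.indexOf('=');
    if (idx < 0) continue;
    const name = part.slice(0, idx).trim();
    const value = part.slice(idx + 1).trim();
    if (name) jar[name] = value;
  }
  return jar;
}

// Minimal HTML escaping for text placed inside an element body or attribute.
function escapeHtml(s) {
  return String(s).replace(/[&<>"']/g, (c) => ({
    '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;',
  }[c]));
}

// Vulnerable: the "name" cookie is interpolated into markup verbatim,
// so a cookie value containing markup is rendered as markup.
function renderGreetingVulnerable(cookieString) {
  const { name = 'guest' } = parseCookies(cookieString);
  return `<p>Welcome, ${name}</p>`;
}

// Fixed: same page, but the cookie value is escaped before interpolation,
// so the browser shows it as text instead of parsing it as a tag.
function renderGreetingSafe(cookieString) {
  const { name = 'guest' } = parseCookies(cookieString);
  return `<p>Welcome, ${escapeHtml(name)}</p>`;
}

// Constructed sample cookie string, shaped like the one in the question.
const SAMPLE_COOKIE = 'name=<script>alert(1)</script>; theme=dark';

// Check used by the test: does the rendered HTML contain a raw <script> tag?
function containsScriptTag(html) {
  return /<script\b/i.test(html);
}
```

Escaping on output removes the first prerequisite no matter how the cookie was set; marking the cookie `HttpOnly` does not help here, because it is the server that echoes the value, not client-side script reading `document.cookie`.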