1 00:00:00,180 --> 00:00:06,000 So hi, everyone, welcome back to this new section in this section, we are going to learn about Clydeside 2 00:00:06,000 --> 00:00:08,220 attacking inside planes, attacking. 3 00:00:08,220 --> 00:00:11,330 We are going to cover Accessors, which is Crossette description. 4 00:00:12,150 --> 00:00:17,400 So before going deep into it, first we need to understand what is across the scripting and what is 5 00:00:17,400 --> 00:00:18,420 the origin of it. 6 00:00:18,990 --> 00:00:19,140 So. 7 00:00:19,860 --> 00:00:24,750 So if you talk about the origin of Crossette scripting, so you would often hear that the term Crossette 8 00:00:24,750 --> 00:00:27,950 is scripting and JavaScript is used simultaneously. 9 00:00:28,380 --> 00:00:34,140 So JavaScript is a blindsight scripting language introduced by Netscape in 1995. 10 00:00:34,590 --> 00:00:40,140 So the main purpose of JavaScript was to make the Web browser perform some task at the client site, 11 00:00:40,410 --> 00:00:43,900 although JavaScript can be used for other purposes, too. 12 00:00:44,070 --> 00:00:50,370 It is most commonly used in the Web browser to implement the client side script that can be used to 13 00:00:50,370 --> 00:00:56,700 alter the Web pages and displayed on the browser, for example, like displaying a Pop-Up Error Message 14 00:00:56,700 --> 00:00:57,690 dialog box. 15 00:00:58,560 --> 00:01:02,990 And we can see when the wrong values entered by the user assuming ads from the Web pages. 16 00:01:03,540 --> 00:01:10,650 So some Hickerson soon found out that that using JavaScript they could read data from Web pages loaded 17 00:01:10,650 --> 00:01:12,600 in Eddison Windows or frames. 18 00:01:13,550 --> 00:01:22,190 So does malicious websites could cross the boundary and interact with content loaded on an entirely 19 00:01:22,190 --> 00:01:23,480 different Web pages. 20 00:01:24,470 --> 00:01:26,450 So that is not related to this. 21 00:01:26,720 --> 00:01:27,660 It's to me, actually. 22 00:01:27,860 --> 00:01:31,970 So districts or was named as a cross site scripting attack. 23 00:01:31,980 --> 00:01:38,600 So to blog this attack, Netscape introduced the same Auchincloss policy under which Dalle Web browser 24 00:01:38,600 --> 00:01:46,110 Palmist JavaScript Lautz in one Web page to only access other Web page if they are from the same domain. 25 00:01:46,670 --> 00:01:52,670 So in other words, we can say that a malicious user could not use our script to read data from any 26 00:01:53,000 --> 00:01:54,170 arbitrary Web page. 27 00:01:54,470 --> 00:01:55,700 So in only 2000. 28 00:01:55,700 --> 00:02:03,440 So the JavaScript attack becomes most famous for making the Web based malicious script in a Web browser 29 00:02:03,660 --> 00:02:07,350 rather than reading contents from the Web pages in the adjacent frame. 30 00:02:07,910 --> 00:02:14,000 So although the e-mail closer to scripting attack has changed over the years and the name remains the 31 00:02:14,000 --> 00:02:17,990 same, and therefore some people get confused as. 32 00:02:19,130 --> 00:02:24,080 As to why it is called that glass that is gripping, so over the years, closer to scripting attack 33 00:02:24,080 --> 00:02:31,760 has been using JavaScript to perform malicious activities such as, we can say, molesting poor scanning 34 00:02:31,760 --> 00:02:32,600 and cataloguing. 35 00:02:33,050 --> 00:02:41,340 So Accessors attack can also be used to inject VBS script ActiveX or Flass into a novel that beat so 36 00:02:41,420 --> 00:02:42,990 JavaScript is so widely used. 37 00:02:42,990 --> 00:02:49,420 So we would also UDR to demonstrate example in this particular section. 38 00:02:49,910 --> 00:02:54,830 So guys, in the next lecture we are going to see what a JavaScript and how it looks like. 39 00:02:54,980 --> 00:02:58,970 What are the payloads that we are going to use mostly in this particular section?