1
00:00:00,060 --> 00:00:01,770
All right, so welcome back, everyone.

2
00:00:01,800 --> 00:00:07,220
This is speech, and this is another very fresh section.

3
00:00:07,650 --> 00:00:09,850
This is about cross-site scripting.

4
00:00:10,260 --> 00:00:20,910
Trust me, this is one of the most popular topics among web application security, vulnerability

5
00:00:20,910 --> 00:00:27,060
assessment or whatever you say, you know, ethical hacking for web applications as well.

6
00:00:27,990 --> 00:00:33,920
So cross-site scripting has been there for a while.

7
00:00:33,930 --> 00:00:35,640
I mean, for many years, in fact.

8
00:00:36,030 --> 00:00:39,270
And it is very important to understand this.

9
00:00:39,540 --> 00:00:45,510
But in order to understand cross-site scripting, there are many documents.

10
00:00:45,510 --> 00:00:47,010
There are many articles for us.

11
00:00:47,430 --> 00:00:53,760
But if you really want to understand how this really works and what exactly this attack is

12
00:00:53,760 --> 00:00:57,120
all about: cross-site scripting is an attack.

13
00:00:57,130 --> 00:01:03,360
Remember this, and this attack is only possible because of some vulnerability.

14
00:01:03,660 --> 00:01:04,020
OK.

15
00:01:04,410 --> 00:01:10,230
And we'll be working to understand what this vulnerability is all about.

16
00:01:10,350 --> 00:01:12,720
OK, and let's start from the beginning.

17
00:01:12,750 --> 00:01:14,580
Let's start from the fundamentals.

18
00:01:14,920 --> 00:01:16,750
Let's start from the web.

19
00:01:16,800 --> 00:01:19,320
Let's start from the JavaScript

20
00:01:19,320 --> 00:01:21,090
that makes it possible.

21
00:01:21,720 --> 00:01:22,190
All right.

22
00:01:22,650 --> 00:01:30,000
So that's why we have sort of a JavaScript, and it is very, very important to understand JavaScript

23
00:01:30,000 --> 00:01:38,190
because now whatever you see on the Internet is all because of HTML and JavaScript.
24
00:01:38,470 --> 00:01:46,950
OK, and for your information, Java and JavaScript are nowhere near the same; although both are programming languages,

25
00:01:46,950 --> 00:01:50,520
they are both very much different.

26
00:01:50,580 --> 00:01:59,520
OK, understand this: the purpose of JavaScript is to make the user experience more engaging,

27
00:02:00,210 --> 00:02:01,110
more useful.

28
00:02:01,590 --> 00:02:07,110
You know, that even makes the job of the developer pretty easy.

29
00:02:07,110 --> 00:02:07,320
Right.

30
00:02:07,830 --> 00:02:14,640
There are many forms that you fill up and you immediately get a prompt saying, hey, you entered a wrong

31
00:02:14,640 --> 00:02:15,140
password.

32
00:02:15,330 --> 00:02:22,260
Hey, prior to entering the new password, it would have been seen.

33
00:02:22,260 --> 00:02:30,540
But when you make use of JavaScript as a coding language, it makes a very triggered

34
00:02:30,540 --> 00:02:39,620
or very spontaneous or very active response to the user saying, OK, I need to change it,

35
00:02:39,630 --> 00:02:42,390
in very real time, without even filling up the entire form.

36
00:02:42,390 --> 00:02:47,130
You immediately get the response saying, OK, there's something wrong, because you get a pop-up on your

37
00:02:47,130 --> 00:02:50,650
window saying, OK, change this, change that, and understand.

38
00:02:51,060 --> 00:02:58,800
So that's all possible because of JavaScript: every lovely looking website or wonderful user interface

39
00:02:58,800 --> 00:03:01,110
on, you know, their web application.

40
00:03:01,110 --> 00:03:06,900
It's all possible because of JavaScript; whatever file you see has its own JavaScript.

41
00:03:07,590 --> 00:03:15,840
Now, JavaScript has been available from the beginning, not from the user side, from the user-side

42
00:03:15,840 --> 00:03:16,500
programming.
43
00:03:16,500 --> 00:03:19,910
When it's the user side, it's all about the web browser.

44
00:03:19,920 --> 00:03:20,170
Right.

45
00:03:20,460 --> 00:03:25,730
So from the web browser side, the browser-side programming, it has moved to the server side as well.

46
00:03:26,100 --> 00:03:33,570
And now, because of Node.js and Express, it has made the job even more, you know, made the

47
00:03:33,660 --> 00:03:39,830
programming even more fantastic and makes the platform even more realistic and real-time.

48
00:03:40,110 --> 00:03:45,240
So that's why you see some heavy platforms, you know, web applications.

49
00:03:45,240 --> 00:03:47,250
It's all possible because of JavaScript.

50
00:03:47,540 --> 00:03:47,800
Right.

51
00:03:48,420 --> 00:03:52,050
So it's a scripting language; we will understand it piece by piece.

52
00:03:52,480 --> 00:04:00,420
And when I say scripting language specifically, it has a lot of dynamic content, big multimedia

53
00:04:00,450 --> 00:04:02,310
and animated images.

54
00:04:02,310 --> 00:04:04,290
So it's all possible because of JavaScript.

55
00:04:05,010 --> 00:04:11,850
Then, as I told you, it's a client-side language, and its features, there are many features of it: storing

56
00:04:11,850 --> 00:04:18,660
the useful information like user credentials, not really credentials, but user-related information,

57
00:04:19,050 --> 00:04:26,370
you know, our forms, first name, last name, location, all that stuff; a JavaScript-based form

58
00:04:26,370 --> 00:04:27,900
makes the job very easy.

59
00:04:28,020 --> 00:04:31,560
Pop-up windows and all those types, APIs.

60
00:04:31,560 --> 00:04:37,980
Of course, all the apps that you see, it's all based on APIs, I mean, APIs and JavaScript and

61
00:04:37,980 --> 00:04:38,460
endpoints.

62
00:04:38,790 --> 00:04:45,510
So that's where you get GET and POST APIs, where you can share the information and you can fetch the information

63
00:04:45,510 --> 00:04:46,190
with the API.
64
00:04:46,260 --> 00:04:51,930
Don't you see many of the travel websites, or maybe you log in to prove that?

65
00:04:52,230 --> 00:04:58,470
I'm sure there are many, many, you know, aggregator travel websites.

66
00:04:59,010 --> 00:04:59,880
You go there.

67
00:04:59,990 --> 00:05:02,240
But they don't really sell that stuff, right?

68
00:05:02,540 --> 00:05:03,470
They don't really.

69
00:05:03,830 --> 00:05:11,000
If you go to any hotel dot com or any of those websites, they don't really sell those products

70
00:05:11,000 --> 00:05:17,300
by themselves; rather, they redirect you somewhere else, but just give you the best products listed.

71
00:05:17,660 --> 00:05:19,760
That's all possible because of the API.

72
00:05:20,030 --> 00:05:27,560
So all these websites, which could be aggregators, fetch the information from thousands of websites

73
00:05:27,800 --> 00:05:29,390
and make it available for you.

74
00:05:29,930 --> 00:05:31,100
And you look at Yahoo!

75
00:05:31,100 --> 00:05:31,550
dot com.

76
00:05:31,550 --> 00:05:31,830
Right.

77
00:05:32,210 --> 00:05:33,380
So on Yahoo!

78
00:05:33,380 --> 00:05:35,900
you get the feed coming on the main page.

79
00:05:35,900 --> 00:05:42,920
You get the feed coming in from news, for, you know, for information related to the weather forecast,

80
00:05:42,920 --> 00:05:50,580
for cricket news, for any of the sports news, football match updates and many others.

81
00:05:50,580 --> 00:05:58,490
So it's all possible because, for every other feed, the website depends on another dedicated website

82
00:05:59,000 --> 00:05:59,970
like Weather Channel.

83
00:06:00,020 --> 00:06:00,290
Right.

84
00:06:00,650 --> 00:06:02,260
So from there, get the feeds.

85
00:06:02,310 --> 00:06:09,950
That's all possible because of the API, that is, the application programming interface, and with that you communicate

86
00:06:09,950 --> 00:06:15,380
to the other platform, other domains, as some of the use cases.
87
00:06:15,410 --> 00:06:20,550
Of course, I told you that they make use of Node.js, Express and many more.

88
00:06:20,570 --> 00:06:20,870
Right.

89
00:06:21,240 --> 00:06:24,770
So that's what makes JavaScript so useful.

90
00:06:25,430 --> 00:06:26,810
Let's see how it does it.

91
00:06:26,810 --> 00:06:34,530
It looks like, when you, you know, when you understand how JavaScript makes the job pretty much interesting.

92
00:06:34,940 --> 00:06:37,070
So here is our system.

93
00:06:37,460 --> 00:06:42,540
Here is our machine running, let's say, a browser, maybe Chrome at this moment.

94
00:06:43,160 --> 00:06:48,270
So when I talk about web applications, remember that the client is always the web browser.

95
00:06:48,760 --> 00:06:50,880
OK, it's not the end host.

96
00:06:50,930 --> 00:06:52,250
When I say the client side,

97
00:06:52,250 --> 00:06:53,400
it's the browser side.

98
00:06:53,900 --> 00:06:58,070
So all the intelligence of the web browser sits on the browser itself.

99
00:06:58,820 --> 00:07:02,630
In fact, there's a JavaScript engine for every browser.

100
00:07:02,990 --> 00:07:10,430
So every browser has to have its JavaScript engine, which fetches the information from the server

101
00:07:10,430 --> 00:07:13,850
side and runs on the browser and gives you the response, right.

102
00:07:15,380 --> 00:07:20,190
And on the web server side, you have a website called example dot com.

103
00:07:20,210 --> 00:07:20,400
Right.

104
00:07:20,780 --> 00:07:27,950
The request goes to the server; the client sends the request, which would be an HTTP GET request, maybe.

105
00:07:29,000 --> 00:07:31,010
GET requests could be on the URL, right.

106
00:07:31,310 --> 00:07:32,530
For example dot com.

107
00:07:32,540 --> 00:07:35,500
Maybe he just wanted to get the homepage.

108
00:07:35,730 --> 00:07:41,420
We want to reach out to example dot com and want to browse it, so it would be an HTTP GET request.
109
00:07:41,900 --> 00:07:44,180
Now what would be the response?

110
00:07:44,180 --> 00:07:45,620
The response could be 200.

111
00:07:45,620 --> 00:07:45,980
OK.

112
00:07:46,000 --> 00:07:46,280
Right.

113
00:07:46,400 --> 00:07:48,970
That's a response code if the site is available.

114
00:07:48,980 --> 00:07:49,270
Right.

115
00:07:49,610 --> 00:07:57,290
So the response would come back; usually, what is the script really all about? Because if you see

116
00:07:57,290 --> 00:08:02,950
JavaScript, it is all embedded, it's all inserted into the HTML code.

117
00:08:03,500 --> 00:08:12,680
What I mean to say is, if your homepage has a JavaScript defined somewhere, it will simply be inserted

118
00:08:12,680 --> 00:08:14,060
into the HTML code.

119
00:08:14,060 --> 00:08:20,020
And if you know the HTML code, it has got two parts: the head and the body.

120
00:08:20,360 --> 00:08:26,380
So when you talk about JavaScript, you can have JavaScript defined anywhere.

121
00:08:26,390 --> 00:08:31,940
So let's say you inserted it into the body; you just have to make sure you use the right syntax:

122
00:08:32,270 --> 00:08:38,330
script, starting with the script tag and then closing with slash script.

123
00:08:38,340 --> 00:08:40,280
This is how the website really looks like.

124
00:08:40,310 --> 00:08:46,360
So maybe the website has nothing but just "Website" as a title.

125
00:08:46,850 --> 00:08:56,900
So it has two parts: it has got its HTML header and the body as well, and I'm talking about

126
00:08:56,900 --> 00:08:58,550
the body part; in the body

127
00:08:58,550 --> 00:09:04,280
we have inserted this script, and the script says, alert, welcome, welcome.

128
00:09:05,060 --> 00:09:05,960
What, what's your name?

129
00:09:06,260 --> 00:09:08,540
And that's where the script gets completed.

130
00:09:08,760 --> 00:09:14,460
Whatever you insert here, that becomes the program, that becomes the execution.
131
00:09:14,660 --> 00:09:22,000
So what we are trying to do is, we are saying to this program, this code, basically, this is basically

132
00:09:22,010 --> 00:09:24,380
hosted on the example dot com server.

133
00:09:24,650 --> 00:09:35,000
And this has got an HTML page which says pop alert. Alert is all about a prompt or console, or giving

134
00:09:35,000 --> 00:09:37,840
the prompt response output on the browser.

135
00:09:37,850 --> 00:09:44,930
So whenever somebody opens up the browser or reaches out to the website, they get the prompt open on their

136
00:09:44,930 --> 00:09:53,090
browser, open on the browser, and it must say, welcome, what's your name? For that, alert is the function

137
00:09:53,090 --> 00:09:54,950
which is being used in the back.

138
00:09:54,950 --> 00:09:56,210
And you see the same name.

139
00:09:56,720 --> 00:09:57,110
Right.

140
00:09:57,290 --> 00:09:59,840
And of course you need the code as well, which is

141
00:09:59,950 --> 00:10:00,680
missing here.

142
00:10:02,230 --> 00:10:09,580
So that's what you see if you zoom in; you get the idea on the browser. You see, I have made it personally

143
00:10:09,580 --> 00:10:18,200
so you could see it says welcome, what's your name, because we made use of the script.

144
00:10:18,250 --> 00:10:23,440
OK, so that's how you get to see a prompt opening on your Chrome browser.

145
00:10:23,650 --> 00:10:25,650
And that is an embedded page.

146
00:10:25,660 --> 00:10:30,040
And this website says, welcome, what's your name?

147
00:10:30,640 --> 00:10:31,080
All right.

148
00:10:31,090 --> 00:10:34,840
So that's the job of JavaScript.

149
00:10:35,110 --> 00:10:46,420
And that's what makes the Internet so scalable, so fast as well, because that makes the response

150
00:10:46,420 --> 00:10:51,740
to the user pretty quick, very dynamic and pretty much in real time.

151
00:10:52,180 --> 00:10:52,510
All right.
152
00:10:52,520 --> 00:10:57,970
So this is about JavaScript, and in the next session we'll understand some of the security challenges

153
00:10:57,970 --> 00:11:02,620
with that and what that does to the next level of solving it.

154
00:11:02,890 --> 00:11:03,260
All right.

155
00:11:03,280 --> 00:11:04,030
So we'll see you then.