Programmers who design websites are always want to validate the data submitted by the user to any website.
there are may ways to validate the data by using server side , client side and in data servers methods.
Many of us who want to make website and take input for user with validating it on client side is not good for site health if not properly used.
there are many ways by which we can alter the validating detail and submit some incorrect info to website and make able to produce result accordingly.
JAVASCRIPT ATTACK
These attacks are used to bypass a validating process of a site which checks the information from client side.
they just have to open that site and load on there browser
than just have to input some java scripts on that site to check weather it is vulnerable or not.
javascript:alert(1);
then it produce an alert message.
it means that you are done with javascript.
after that if the site is storing the data in there cookies ,than they change the cookies store by the site and make it true if required to proceed further.
javascript:alert(document.cookie);
this display the cookie store in.
javascript:document.cookie.replace(current_value, your_value);
this change the current value of the cookies stored in.
FORM VALUES ALSO CHANGE BY THIS
javascript:void(document.form[0].value="your_value";
this makes the value of form according to yours.
these are the ways by which anyone can manipulate the values of client side script validation, so be aware before make use of these syntax.
USE PROPER VALIDATION TO BE SAFE FROM THESE ATTACKS.
No comments:
Post a Comment