XSS attacks


1 reply to this topic

#1   kadett (Members, 1 post)

Posted 25 January 2010 - 19:45

Hello everyone. Need help.

My site is continuously attacked by some sort of XSS attacks.

I've installed the Anti-XSS script (http://addons.oscommerce.com/info/6044 - the "other version"), but the attacks continue though.

The search engine reports that the URLs which litter its search results look like the one shown below (one of them):

_http://www.xxx.com/index.php?manufacturers=%22%27%3E%3Ca%20href=http://xxx.ru%3Exxx.ru%3C/a%3E&osCsid=%22%27%3E%3Ca%20href=http://xxx.ru%3Exxx.ru%3C/a%3E&manufacturers_id=%22%27%3E%3Ca%20href=http://xxx.ru%3Exxx.ru%3C/a%3E&osCsid=%22%27%3E%3Ca%20href=http://xxx.ru%3Exxx.ru%3C/a%3E


Any suggestions?

Dmitry

Edited by kadett, 25 January 2010 - 19:50.
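To see what the reported URL actually carries, the following Python script (an added example, not code from this thread or from osCommerce) decodes the query string and renders the values through two hypothetical templates: one that echoes request parameters into hidden form fields raw, and one that HTML-escapes them first. The template is a stand-in for whatever osCommerce page reflects these parameters; the real markup may differ. Hostnames are the placeholders used in the post.

```python
"""Decode the attack URL from the post and show why the payload breaks out.

Added example (not code from the thread or from osCommerce). The two
render_* functions are hypothetical stand-ins for a page template that
echoes request parameters into hidden inputs.
"""
from html import escape
from urllib.parse import urlsplit, parse_qsl

# The URL reported by the search engine (leading "_" removed; "xxx" hosts are
# the placeholders from the post).
REPORTED_URL = (
    "http://www.xxx.com/index.php?"
    "manufacturers=%22%27%3E%3Ca%20href=http://xxx.ru%3Exxx.ru%3C/a%3E"
    "&osCsid=%22%27%3E%3Ca%20href=http://xxx.ru%3Exxx.ru%3C/a%3E"
    "&manufacturers_id=%22%27%3E%3Ca%20href=http://xxx.ru%3Exxx.ru%3C/a%3E"
    "&osCsid=%22%27%3E%3Ca%20href=http://xxx.ru%3Exxx.ru%3C/a%3E"
)


def decode_params(url):
    """Return the percent-decoded (name, value) pairs of the query string, in order.

    parse_qsl splits on '&' first and then on the first '=', so the '='
    inside 'href=http://xxx.ru' stays part of the value.
    """
    return parse_qsl(urlsplit(url).query, keep_blank_values=True)


def render_vulnerable(params):
    """Hypothetical template: echoes each value into a hidden input unescaped."""
    return "".join(
        '<input type="hidden" name="%s" value="%s">\n' % (name, value)
        for name, value in params
    )


def render_fixed(params):
    """Same template with every value HTML-escaped.

    quote=True makes html.escape encode both '"' and "'" so the value cannot
    terminate the attribute it is placed in.
    """
    return "".join(
        '<input type="hidden" name="%s" value="%s">\n'
        % (escape(name, quote=True), escape(value, quote=True))
        for name, value in params
    )


def injected_links(page):
    """Count '<a ' tags in the page: anything above zero means the value broke out."""
    return page.lower().count("<a ")


if __name__ == "__main__":
    params = decode_params(REPORTED_URL)
    for name, value in params:
        print("%-17s %s" % (name, value))
    print("links injected, raw template:     ", injected_links(render_vulnerable(params)))
    print("links injected, escaped template: ", injected_links(render_fixed(params)))
```

The decoded value of every parameter is `"'><a href=http://xxx.ru>xxx.ru</a>`: the leading `"'>` closes whichever quote style the attribute used and the tag itself, and the rest is a live link to the attacker's domain, which is exactly what search engines then index. The same value, escaped, is inert.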


#2   FWR Media (Members, 6,839 posts)

Posted 25 January 2010 - 22:02

[quote of kadett's post #1 above]


Security Pro secures the querystring, and this is a querystring attack.

I think it is worth remembering, however, that I can visit your site with naughty stuff in the querystring and the server may log it; it doesn't mean it has been successful, though.

There are tests you can run (in the Security Pro instructions) where you can see which characters are getting through.
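The reply makes two separate points: a payload in the server log only proves an attempt, and the way to know what a filter really does is to send each markup character through and see which come back unchanged. The Python script below is an added example (not code from this thread or from the Security Pro addon) that does both. The access-log lines are constructed, `fetch_page` is a hypothetical stand-in for an HTTP request to the site, and `strip_filter` is a deliberately weak hypothetical filter; when testing a real server, replace `fetch_page` with an actual request and inspect the response body.

```python
"""Attempt vs. success: triage logged querystring XSS and probe a filter.

Added example, not code from the thread or from the Security Pro addon.
LOG_LINES are constructed; fetch_page and strip_filter are hypothetical
stand-ins for the site and for a weak input filter.
"""
import re
from html import escape
from urllib.parse import urlsplit, parse_qsl

# Constructed Apache-style access log lines (not from the poster's server).
LOG_LINES = [
    '203.0.113.5 - - [25/Jan/2010:19:40:01 +0000] "GET /index.php?manufacturers='
    '%22%27%3E%3Ca%20href=http://xxx.ru%3Exxx.ru%3C/a%3E HTTP/1.1" 200 8123',
    '198.51.100.7 - - [25/Jan/2010:19:41:12 +0000] "GET /index.php?manufacturers_id=3'
    '&osCsid=abc123 HTTP/1.1" 200 8011',
    '203.0.113.5 - - [25/Jan/2010:19:42:30 +0000] "GET /product_info.php?products_id='
    '1%3Cscript%3Ealert(1)%3C/script%3E HTTP/1.1" 200 7990',
]

REQUEST_RE = re.compile(r'"(?:GET|POST) (\S+) HTTP/')
# Characters that let a value escape HTML text or attribute context.
MARKUP_CHARS = '<>"\''


def logged_attempts(lines):
    """Return (path, param, decoded value) for each logged parameter carrying markup characters.

    This only tells you someone tried; it says nothing about whether the page
    reflected the value.
    """
    hits = []
    for line in lines:
        m = REQUEST_RE.search(line)
        if not m:
            continue
        parts = urlsplit(m.group(1))
        for name, value in parse_qsl(parts.query, keep_blank_values=True):
            if any(c in value for c in MARKUP_CHARS):
                hits.append((parts.path, name, value))
    return hits


def identity(value):
    """No filtering at all (the vulnerable case)."""
    return value


def escape_filter(value):
    """Proper output encoding: html.escape with quotes encoded."""
    return escape(value, quote=True)


def strip_filter(value):
    """Hypothetical weak filter: drops angle brackets but leaves quotes alone."""
    return value.replace("<", "").replace(">", "")


def fetch_page(param_value, sanitizer):
    """Stand-in for requesting the site: echoes the value into an attribute after `sanitizer`."""
    return '<input type="hidden" name="osCsid" value="%s">' % sanitizer(param_value)


def attempt_succeeded(value, sanitizer):
    """True only if the logged payload comes back verbatim, i.e. the attack actually worked."""
    return value in fetch_page(value, sanitizer)


def characters_getting_through(sanitizer):
    """Send each markup character wrapped in a unique marker; report the ones reflected intact."""
    passed = []
    for i, c in enumerate(MARKUP_CHARS):
        marker = "zq%dq" % i  # improbable token so our own input is easy to find
        if marker + c + marker in fetch_page(marker + c + marker, sanitizer):
            passed.append(c)
    return passed


if __name__ == "__main__":
    for path, name, value in logged_attempts(LOG_LINES):
        print("attempt: %s param=%s value=%r" % (path, name, value))
        print("  reflected unescaped:", attempt_succeeded(value, identity))
    for label, f in (("none", identity), ("strip <>", strip_filter), ("escape", escape_filter)):
        print("filter %-8s lets through: %r" % (label, characters_getting_through(f)))
```

The marker trick matters: a bare `<` in a page could have come from anywhere, but `zq0q<zq0q` can only have come from your probe. Note that `strip_filter` still lets `"` and `'` through, which is enough to break out of an attribute even without a new tag, so a filter that only removes angle brackets is not a fix; only output encoding is.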