By: Pooja
An XSS worm, also known as an XSS virus, is malicious script code that an attacker crafts in JavaScript and that violates the security policies imposed by the web browser. Its goal is to propagate to as many users of the web application as possible. XSS vulnerabilities exist in most web applications, and an attacker exploits one to inject a malicious XSS payload. The self-replicating property of an XSS worm makes it more lethal, as it can eventually infect all users of the infected web application. In this article, you will learn about real-world XSS worms that have infected users of popular web applications like Facebook, Twitter, Yahoo!, etc.
| XSS Worm | Year |
| --- | --- |
| Boonana | 2010 |
| Bom Sabado | 2010 |
| OnmouseOver | 2010 |
| Flash Based Worm | 2009 |
| Koobface | 2009 |
| Mikeyyy | 2009 |
| XSS Bug | 2009 |
| W32/Kutwormer | 2007 |
| MW.orc | 2006 |
| SpaceFlash | 2006 |
| Yamanner | 2006 |
| Samy | 2005 |
How does an XSS worm propagate?
Wondering how an XSS worm moves from phase to phase as it propagates? Here is your answer. You will learn about the XSS worm’s lifecycle, i.e., the phases an XSS worm goes through while propagating from one user to another. Let’s get started…
There are basically 4 phases: vulnerability exploitation, intensify privilege, replication, and proliferation.
- Vulnerability exploitation: This phase starts when an attacker exploits an existing XSS vulnerability in a web application to inject a maliciously crafted XSS payload, i.e., the XSS worm. From then on, any user who visits the infected web page gets infected by the worm, which is how it self-replicates.
- Intensify privilege: At this point, the worm escalates its privileges to those of the victim on the infected website, where the user has a logged-in session. This lets the attacker perform actions, harmful or not, on the user’s behalf. It is possible because the worm helps in cookie stealing, session token theft, etc.
- Replication: Now the main task is to replicate the worm on the user’s page. In this phase, the worm copies itself to the victim’s page on the website, say the home page on a social media platform, to infect other users who are connected to the victim in any manner.
- Proliferation: Here, the worm propagates to any other website user who visits the infected user’s page. This makes the worm more progressive, as it repeats all of its lifecycle phases with each new victim.
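The replication and proliferation phases leave a recognisable trail on the server: an account views a profile and, seconds later, its own profile is saved with the same content. The following detection sketch is an added example, not code from the original article; the audit-log layout, account names, content digests, time window and spread threshold are all assumptions made for illustration.

```python
from collections import defaultdict

# Constructed sample audit log: (epoch seconds, event, actor, detail).
# "view" detail = owner of the profile viewed; "update" detail = digest of the
# profile content the actor's session saved. All names/values are made up.
EVENTS = [
    (100, "update", "mallory", "h_worm"),   # phase 1: payload stored on one profile
    (130, "view",   "alice",   "mallory"),
    (131, "update", "alice",   "h_worm"),   # phase 3: same content lands on viewer's profile
    (200, "view",   "bob",     "alice"),
    (202, "update", "bob",     "h_worm"),   # phase 4: repeats from the new carrier
    (250, "view",   "carol",   "bob"),
    (251, "update", "carol",   "h_worm"),
    (300, "view",   "dave",    "carol"),    # viewed, but no matching write
    (400, "update", "erin",    "h_bio"),    # ordinary edit, no preceding view
    (900, "view",   "frank",   "erin"),
    (5000, "update", "frank",  "h_bio"),    # same text copied much later: outside window
]


def find_propagation(events, window=10, min_spread=3):
    """Return {digest: [(carrier, new_account), ...]} for content that spreads
    view -> identical update within `window` seconds to >= min_spread accounts."""
    carriers = defaultdict(set)      # digest -> accounts whose profile holds it
    last_view = defaultdict(dict)    # actor -> {profile owner: time of last view}
    chains = defaultdict(list)
    for ts, kind, actor, detail in sorted(events):
        if kind == "view":
            last_view[actor][detail] = ts
        elif kind == "update":
            # Was this write preceded by a view of a profile already holding
            # the same content? That is the replication step of the lifecycle.
            for owner, seen in last_view[actor].items():
                if owner in carriers[detail] and 0 <= ts - seen <= window:
                    chains[detail].append((owner, actor))
                    break
            carriers[detail].add(actor)
    return {d: c for d, c in chains.items() if len(c) >= min_spread}


def accounts_to_review(chain):
    """Seed account first, then every account the content reached, in order."""
    return [chain[0][0]] + [new for _, new in chain]
```

The first carrier in a flagged chain points at the profile where the payload was originally stored, which is where clean-up and the search for the underlying XSS flaw should start.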