Paper Title
XSS Proof Of Concept Implementation, Analysis And Countermeasures

Abstract
Cross-site scripting (XSS) attacks are a network security attack that poses vulnerability in millions of websites where client activity turns into malicious one due to attack vectors adopted by the attacker. XSS intend to embed malicious scripts in web applications. Whenever the user visits any of such website or application in their browser, the client system becomes victim of XSS attack because the unaware client is responsible for triggering the action on behalf of attacker. The most common way to take advantage of XSS is through the use of social engineering techniques to lure users into performing actions that execute malicious scripts. In this paper an approach of cookie stealing and shell exploitation has been proposed to demonstrate proof of concept of XSS scripts on client machine. Clients become victim of these attacks so easily because they are not aware of vulnerability that is caused due to scripting content execution. Therefore it is necessary to let people know about the variety of harms caused by XSS scripts. So as to show the hazardous effects caused with the execution of XSS scripts, this paper illustrates two different attacks that have been launched using XSS, one of them being potentially leakage to cookie information and other one giving away a client shell to the attacker. Main purpose of this paper is to make users aware about the consequences caused by XSS attacks.