Ajax Worm: Proof-of-Concept

December 12, 2006

One of the core ingredients of Web 2.0 applications is Ajax, which is driven by JavaScript. Ajax has no inherent security weakness, but in combination with cross-site scripting vulnerabilities it can be very dangerous.

Last week an independent security researcher published proof-of-concept JavaScript code that propagates through web pages. The Ajax worm uses the XMLHttpRequest object to hijack the user's session and, by exploiting a cross-site scripting vulnerability, injects JavaScript code into the web application.

“All you need is a website vulnerable to XSS attack and an attacker can inject a small javascript file which can take control of the user as long as he is on that site and in some cases even after he has left the website. If you want cross domain request you may want to consider FlashXMLHttpRequest object,” says the post.

The source code and an online demonstration are available here.
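
The propagation described above depends on user-supplied text being rendered as markup in the site's own origin. As an added example (not the researcher's code and not part of the original post), the following JavaScript contrasts a vulnerable comment renderer with an encoded one and adds a restrictive Content-Security-Policy; the function names and the sample comment are constructed for illustration.

```javascript
// Added example: the rendering flaw that lets injected script persist and
// spread, next to the two controls that stop it. All names are hypothetical.

// Constructed sample input: a comment that references an external script file.
const SAMPLE_COMMENT =
  'nice post <script src="https://attacker.example/w.js"></script>';

// Vulnerable: user text is concatenated into markup. A browser would run the
// script in the site's origin, where XMLHttpRequest calls carry the victim's
// session cookie automatically (an HttpOnly cookie flag does not prevent that).
function renderCommentUnsafe(text) {
  return '<li class="comment">' + text + '</li>';
}

// Hardened: encode the HTML-significant characters before insertion, so the
// payload is displayed as text instead of being parsed as an element.
const HTML_ENTITIES = {
  '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;',
};
function escapeHtml(text) {
  return String(text).replace(/[&<>"']/g, (ch) => HTML_ENTITIES[ch]);
}
function renderCommentSafe(text) {
  return '<li class="comment">' + escapeHtml(text) + '</li>';
}

// Defense in depth: even if an encoding step is missed somewhere, this policy
// refuses inline and third-party scripts, limits XHR targets to the site
// itself, and blocks plugin content such as Flash.
function securityHeaders() {
  return {
    'Content-Security-Policy':
      "default-src 'self'; script-src 'self'; connect-src 'self'; " +
      "object-src 'none'; base-uri 'none'",
    'X-Content-Type-Options': 'nosniff',
  };
}

// Check usable in a unit test: does rendered markup still hold a live script tag?
function containsScriptTag(html) {
  return /<script[\s>]/i.test(html);
}
```

Running `containsScriptTag` over the output of every template that renders user content gives a cheap regression test for this class of bug.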
