A Cross-Site Tracing (XST) attack involves the use of Cross-site Scripting (XSS). It uses the TRACE or TRACK HTTP methods. TRACE allows the client to see what is being received at the other end of the request chain. It is then used for testing or diagnostic information. The TRACK method is only applicable to Microsoft’s IIS web server. XST could be used as a method to steal user’s cookies via Cross-site Scripting (XSS). This will even work if the cookie has the “HttpOnly” flag set and/or exposes the user’s Authorization header.
This site allows an attacker to inject malicious code into the link and implement HTTP TRACE method. By this method, the attacker can steal user’s cookies via Cross-site Scripting (XSS). Cross-site Scripting (XSS) is a client-side code injection attack. Using this technique, an attacker can execute malicious scripts into a legitimate website or web application.
$ curl -X TRACE 127.0.0.1
TRACE / HTTP/1.1
User-Agent: curl/7.24.0 (x86_64-apple-darwin12.0) libcurl/7.24.0 OpenSSL/0.9.8r zlib/1.2.5
Host: 127.0.0.1
Accept: */*
The issues include:-
Beagle recommends the following:-