Cross-Site-Authentication-Attacke

In computer science, XSA (better known as Cross-Server Attack) is a networking security intrusion method which allows for a malicious client to compromise security over a website or service on a server by using implemented services on the server that may not be secure.

In general, XSA is demonstrated against websites, yet sometimes it is used in conjunction with other services located on the same server.

XSA is a method that allows for a malicious client to use services that a remote server implements in order to attack another service on the same server or network.

Most website hosting companies that offer hosting for large or even little amounts of separate websites are vulnerable to this method of attack, because of the amount of access services such as PHP and the webserver itself give to a client that allows the client to access other website configurations, files, passwords and the like.

The term XSA was first coined by "DeadlyData", a prominent hacker during the early 2000's, over a voice communications software called TeamSpeak. While he had not invented or pioneered this method of intrusion, he coined it as a shorter term to describe the act of performing XSA.

It was then used further in the community and now supports for most of the methods and subsets of the method that give both hackers and malicious clients the terminology to attack websites using software that is located on the same server.

• TheDefaced Security Team
• DarkMindZ - Think Dark
• r00tsecurity - Your Security Community
• Go Null Yourself

SQL Injection | XSS | CSRF | Buffer overflow