XSS for beginners



XSS, or Cross-Site Scripting, is one of the biggest security flaws in web applications: it allows an attacker to steal cookies, redirect users to malicious pages, and so on. This vulnerability has affected all types of websites, from Google to Facebook. It is a type of vulnerability that allows an attacker to inject malicious code into web apps. When talking of XSS we think of JavaScript, but it is not only JavaScript: the injected code can be HTML or XML as well as JavaScript. It is caused by poor coding: when developers don't filter special symbols like ">", the double quote and "/", an attacker can take advantage of it. Malicious strings can be inserted into the page through a tampered URL, search field, input fields, comment boxes etc. A common XSS script looks like this:


XSS is of three types:

a) Persistent
b) Non-Persistent
c) DOM based

a) Persistent: As the name indicates, it is a kind of XSS which works for a temporary time; it is commonly executed through an HTTP query or a form submission. It is also called reflected XSS.
A persistent XSS could look like this:
http://vulnerablesite.tld/index.php?parameter=

b) Non-Persistent: It is a kind of XSS in which the malicious script is stored in the web app permanently, so whenever a user tries to view the page the script gets executed. A common example is a comment box: when an attacker inserts some malicious script into the comment field, it gets saved into the web app permanently. If that comment box doesn't sanitize requests, the script gets executed every time a user visits the page containing that comment box. It is also called stored XSS.
A Non-Persistent XSS could look like this:


c) DOM based: It is also called type-0 XSS; it occurs by modifying the DOM environment of the browser. The client side is responsible for this attack, whereas in reflected and stored XSS the server-side code is responsible. The request to the server doesn't change, but the client-side code runs in a different manner.
Many sites are vulnerable but don't execute the code because developers filter special symbols; these filters can be bypassed by encoding the payload using various techniques like hex, char code, ASCII etc.
After encoding, the malicious code looks like this:

Source String:
<script>alert("XSS")</script>

URL:
%3C%73%63%72%69%70%74%3E%61%6C%65%72%74%28%22%58%53%53%22%29%3C%2F%73%63%72%69%70%74%3E

HTML Value (with semicolons):
&#60;&#115;&#99;&#114;&#105;&#112;&#116;&#62;&#97;&#108;&#101;&#114;&#116;&#40;&#34;&#88;&#83;&#83;&#34;&#41;&#60;&#47;&#115;&#99;&#114;&#105;&#112;&#116;&#62;

HTML Value (without semicolons):
&#60&#115&#99&#114&#105&#112&#116&#62&#97&#108&#101&#114&#116&#40&#34&#88&#83&#83&#34&#41&#60&#47&#115&#99&#114&#105&#112&#116&#62

Base64:
PHNjcmlwdD5hbGVydCgiWFNTIik8L3NjcmlwdD4=
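The following is an added example (not part of the original tutorial) showing, from the defender's side, why a blacklist that looks for the literal tag misses the encoded forms listed above, and why decoding the input to a canonical form before the check, or better still HTML-escaping it on output, closes that gap. The payload strings are the ones from this page; the function names are my own.

```python
import base64
import html
from urllib.parse import unquote

# Constructed for this example from the strings shown on the page above.
SOURCE = '<script>alert("XSS")</script>'
URL_ENCODED = ("%3C%73%63%72%69%70%74%3E%61%6C%65%72%74%28%22%58%53%53"
               "%22%29%3C%2F%73%63%72%69%70%74%3E")
ENTITIES_NO_SEMI = ("&#60&#115&#99&#114&#105&#112&#116&#62&#97&#108&#101&#114"
                    "&#116&#40&#34&#88&#83&#83&#34&#41&#60&#47&#115&#99&#114"
                    "&#105&#112&#116&#62")
BASE64 = "PHNjcmlwdD5hbGVydCgiWFNTIik8L3NjcmlwdD4="

def naive_filter_blocks(value: str) -> bool:
    """The kind of blacklist the page says gets bypassed: only sees the literal tag."""
    return "<script" in value.lower()

def canonicalize(value: str, max_rounds: int = 5) -> str:
    """Undo URL encoding and HTML character references (with or without the
    trailing semicolon, as browsers do) until the string stops changing.
    Input may be encoded more than once, so one decode pass is not enough."""
    for _ in range(max_rounds):
        decoded = html.unescape(unquote(value))
        if decoded == value:
            break
        value = decoded
    return value

def hardened_filter_blocks(value: str) -> bool:
    """Same blacklist, but applied to the canonical form of the input."""
    return naive_filter_blocks(canonicalize(value))

def render_untrusted(value: str) -> str:
    """The real fix is output encoding, not filtering: escaped text cannot
    become markup no matter which characters it contains."""
    return html.escape(value, quote=True)

def demo() -> dict:
    """Run the page's encoded payloads through both filters."""
    results = {}
    for name, payload in (("url", URL_ENCODED), ("entities", ENTITIES_NO_SEMI)):
        results[name] = (naive_filter_blocks(payload), hardened_filter_blocks(payload))
    # A browser does not decode base64 by itself; if the application decodes a
    # parameter (e.g. a base64 value it reads), canonicalize after that step.
    results["base64"] = canonicalize(base64.b64decode(BASE64).decode()) == SOURCE
    results["rendered_is_inert"] = "<" not in render_untrusted(SOURCE)
    return results
```

Each tuple in `demo()` reads (naive filter blocked it, hardened filter blocked it); the page's URL-encoded and entity-encoded strings both pass the naive check and are both caught once canonicalized.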



Note: We Take no responsibility every tutorial here is for educational Purpose Only .