Sunday, November 29, 2015

CROSS-SITE SCRIPTING (XSS Attacks OR Hacking)



Hi friends, today I am going to tell you about Cross-Site Scripting (XSS). This is my first post on XSS, so I will keep it at a low difficulty level rather than advanced, which will make the advanced tricks easier to understand in future. Let's begin.

:: About ::

Cross-Site Scripting is a computer security vulnerability found in web applications. XSS allows a malicious web user to inject code into web pages viewed by other users. In an XSS attack, the attacker gains the ability to see private user IDs, passwords, credit card information and other personal identification. Cookie stealing and session overriding are other effects of XSS. These attacks are accomplished with JavaScript, which is used to record and write data on the other website. There are three types of XSS vulnerability attacks: non-persistent, persistent, and DOM-based.
That is XSS in brief. Let's start the demo, so you can understand how Cross-Site Scripting is done.

:: Follow These Steps ::

1} Go to this website using Firefox: testphp.vulnweb.com [see image]


2} Click on Guest Book. You will see a board; in that board, write this code.

 <script>alert('hello');</script>  

3} Now click on add message.

You will get an alert message. This shows that the script (JavaScript) you entered is reflected, which means this application is vulnerable to XSS. [see image]


You can also add this alert message to a blog or website. Remember the code.
This is how it works. Now let's do something a little more advanced.

:: Follow These ::

We have seen the alert message. Now, in place of the alert message, we will display an image using XSS.

1} Select your image and upload it to a free image hosting server; use postimage.org. [See image below]



2} After uploading you will get its links. Take note of the direct link.

3} Here we need some HTML code.

 <img src='http://s6.postimg.org/budqs6jbl/images.jpg' alt='some_text'>  

4} Open the site in Firefox: testphp.vulnweb.com

5} Place this code in the board and click add image. You will see the image, which means it is vulnerable to XSS. [See the image below]


6} Done. Enjoy.
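Both demos above work because the guest book writes the visitor's text into the page as markup. As an added example (not code from this post or from testphp.vulnweb.com), here is a hypothetical guest-book renderer in JavaScript, with assumed function names, showing the vulnerable output next to an HTML-encoded version for the two inputs used in the steps:

```javascript
// Added example: a hypothetical guest-book renderer, not the code of testphp.vulnweb.com.

// Escape the five characters that let text break out of HTML content or a quoted attribute.
function escapeHtml(text) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return String(text).replace(/[&<>"']/g, (ch) => map[ch]);
}

// Vulnerable: the visitor's message is concatenated into the page as markup.
function renderMessageUnsafe(name, message) {
  return '<div class="entry"><b>' + name + '</b><p>' + message + '</p></div>';
}

// Hardened: every visitor-controlled value is encoded for the HTML context it lands in.
function renderMessageSafe(name, message) {
  return '<div class="entry"><b>' + escapeHtml(name) + '</b><p>' + escapeHtml(message) + '</p></div>';
}

// Check helper: lists opening tags in the output that are not part of the template itself.
function injectedTags(html) {
  const allowed = new Set(['div', 'b', 'p']);
  const tags = [...html.matchAll(/<\s*([a-zA-Z][a-zA-Z0-9]*)/g)].map((m) => m[1].toLowerCase());
  return tags.filter((t) => !allowed.has(t));
}

// The two inputs used in the steps above.
const samples = [
  "<script>alert('hello');</script>",
  "<img src='http://s6.postimg.org/budqs6jbl/images.jpg' alt='some_text'>",
];

for (const msg of samples) {
  console.log('unsafe:', injectedTags(renderMessageUnsafe('guest', msg)));
  console.log('safe:  ', injectedTags(renderMessageSafe('guest', msg)));
  console.log(renderMessageSafe('guest', msg));
}
```

With encoding applied, the browser shows the submitted text literally instead of running the script or loading the image.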


Now you understand how XSS attacks are done. In my future posts I will discuss advanced XSS attacks. Feel free to like and share this.
