Sunday, November 29, 2015

CROSS-SITE-SCRIPTING (XSS Attacks OR Hacking)



Hi friends, today I am going to tell you about Cross-Site Scripting (XSS). This is my first post on XSS, so I will keep the difficulty low rather than advanced, which will make the advanced tricks easier to understand in the future. Let's begin.

:: About ::

Cross-Site Scripting is a computer security vulnerability found in web applications. XSS allows a malicious web user to inject code into Internet pages viewed by other users. In an XSS attack, the attacker gains the ability to see private user IDs, passwords, credit card information and other personal identification. Cookie stealing and session overriding are other effects of XSS. These attacks are accomplished with JavaScript, which is used to record and write data on the other website. There are three types of XSS vulnerability: non-persistent, persistent, and DOM-based.
That is XSS in brief. Let's start the demo so you can understand how Cross-Site Scripting is done.

:: Follow These Steps ::

1} Go to this website using Firefox: testphp.vulnweb.com [see image]


2} Click on Guest Book. You will see a board; in that board, write this code.

 <script>alert('hello');</script>  

3} Now click on add message.

You will get an alert message. This shows that the script (JavaScript) is reflected, which means this application is vulnerable to XSS. [see image]


You can also add this alert message to a blog or a website. Remember the code.
This is how it works. Now let's do something a little more advanced.

:: Follow These ::

We have seen the alert message. Now, in place of the alert message, we will display an image using XSS.

1} Select your image and upload it to a free image hosting server; use postimage.org. [See image below]



2} After uploading, you will get its links. Take note of the Direct Link.

3} Here we need some HTML code.

 <img src='http://s6.postimg.org/budqs6jbl/images.jpg' alt='some_text'>  

4} Open the site in Firefox: testphp.vulnweb.com

5} Place this code in the board and click add image. You will see the image, which means it is vulnerable to XSS. [See the image below]


6} Done. Enjoy.


Now you understand how XSS attacks are done. In my future posts I will discuss advanced XSS attacks. Feel free to like this and share this.
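
The defensive counterpart to the two guest book demos above, as an added example that is not part of the original post and not the test site's code: a guest book renderer that concatenates the message into markup, next to one that HTML-encodes it on output, run over the same two inputs. The function names and the `guest` author are hypothetical.

```javascript
// Added example: hypothetical guest book renderer, not the test site's code.

// The five characters that are significant in HTML text and quoted attributes.
const HTML_ESCAPES = {
  '&': '&amp;',
  '<': '&lt;',
  '>': '&gt;',
  '"': '&quot;',
  "'": '&#39;',
};

// Encode untrusted text for an element body or a quoted attribute value.
function escapeHtml(untrusted) {
  return String(untrusted).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Vulnerable pattern: the message is concatenated into the markup as-is.
function renderMessageUnsafe(author, message) {
  return `<div class="msg"><b>${author}</b>: ${message}</div>`;
}

// Hardened pattern: every untrusted value is encoded at output time.
function renderMessageSafe(author, message) {
  return `<div class="msg"><b>${escapeHtml(author)}</b>: ${escapeHtml(message)}</div>`;
}

// True when the fragment contains any tag other than the template's own div/b.
function containsInjectedMarkup(html) {
  const tags = html.match(/<\/?[a-zA-Z][a-zA-Z0-9]*/g) || [];
  const templateTags = ['<div', '</div', '<b', '</b'];
  return tags.some((t) => !templateTags.includes(t.toLowerCase()));
}

// The two inputs used in the post's guest book steps.
const SAMPLE_MESSAGES = [
  "<script>alert('hello');</script>",
  "<img src='http://s6.postimg.org/budqs6jbl/images.jpg' alt='some_text'>",
];

// Render each sample both ways and record whether foreign markup survived.
function report() {
  return SAMPLE_MESSAGES.map((m) => ({
    unsafe: containsInjectedMarkup(renderMessageUnsafe('guest', m)),
    safe: containsInjectedMarkup(renderMessageSafe('guest', m)),
    safeHtml: renderMessageSafe('guest', m),
  }));
}

console.log(report());
```

With encoding applied, the browser shows both inputs as literal text instead of running the script or loading the image.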
