Learn Web Hacking 2.02 Reflected XSS attacks!

in #hack6 years ago

Hi everyone,

In this article, I want to show you some XSS attacks. I hope your lab is ready! If not, just go to this article (https://steemit.com/hack/@pierlave/learn-web-hacking-2-01-xss-lab) and get ready to learn!

For XSS detection, a typical payload would be:
<script>alert(document.cookie);</script>

The alert function will show us a popup box and document.cookie will show us the actual cookie. If the box appears, you know it's vulnerable to XSS attacks.


First demonstration, Reflected XSS

For this demonstration, we will use Mutilidae to show you reflected XSS. In Mutilidae you have difficulty levels. Level 0 is the easiest and it goes up in challenge.


Reflected XSS level 0

Go to Mutilidae in the OWASP 2017 / XSS / reflected / DNS lookup.

xss reflected dns.png

In this situation, we have a field where we can input an IP address and see the results of a DNS lookup. You can enter an IP and see the application functioning normally. The goal is to insert some JavaScript code to change the behavior of the application.

ipdnslookup.png

To try it, just insert your payload in the field then press Enter. You see the popup box! This page is vulnerable.

dnspopup.png

You can go and see the source code by pressing right click, view page source.

xsssoucrecoddns.png

We see our code was interpreted by the browser, there is no encoding of characters.


Reflected XSS level 1

Now we can ramp up the difficulty to level 1! We can try the same payload. This time we see there is a character limit so we can't send our payload! To bypass this, we can start burp and intercept the request.

paramburp.png

You can insert your payload in burp then press forward!

payloadburp.png

You have now bypassed the character limitation of this application!

niveau1success.png


Reflected XSS level 5

Time to ramp up again!
This time we can intercept the request with Burp and send the payload again!

chargeburp.png

The results is Error: Invalid input! This is a good example of filtering/encoding special characters.

error.png

This was a quick view of reflected XSS, in the next article we will see stored XSS!

Keep learning!

The information provided on hacking is to be used for educational purpose only. The creator is in no way responsible for any misuse of the information provided. All the information provided is meant to help the reader develop a hacker defense attitude in order to prevent the attacks discussed. In no way should you use the information to cause any kind of damage directly or indirectly. The word "Hacking" should be regarded as "Ethical hacking". You implement the information given at your own risk

@pierlave

Sort:  

Congratulations @pierlave! You have completed the following achievement on the Steem blockchain and have been rewarded with new badge(s) :

Award for the number of upvotes

Click on the badge to view your Board of Honor.
If you no longer want to receive notifications, reply to this comment with the word STOP

Support SteemitBoard's project! Vote for its witness and get one more award!

Hey @pierlave this is some great content to bookmark.

Posted using Partiko Android

Thanks, I'm thinking about posting more!

Congratulations @pierlave! You have completed the following achievement on the Steem blockchain and have been rewarded with new badge(s) :

Award for the number of upvotes

Click on the badge to view your Board of Honor.
If you no longer want to receive notifications, reply to this comment with the word STOP

Do not miss the last post from @steemitboard:

SteemitBoard Ranking update - Resteem and Resteemed added

Support SteemitBoard's project! Vote for its witness and get one more award!

Congratulations @pierlave! You have completed the following achievement on the Steem blockchain and have been rewarded with new badge(s) :

You made more than 10000 upvotes. Your next target is to reach 11000 upvotes.

Click here to view your Board of Honor
If you no longer want to receive notifications, reply to this comment with the word STOP

Do not miss the last post from @steemitboard:

Meet the Steemians Contest - Intermediate results

Support SteemitBoard's project! Vote for its witness and get one more award!

Congratulations @pierlave! You have completed the following achievement on the Steem blockchain and have been rewarded with new badge(s) :

You made more than 11000 upvotes. Your next target is to reach 12000 upvotes.

Click here to view your Board of Honor
If you no longer want to receive notifications, reply to this comment with the word STOP

Support SteemitBoard's project! Vote for its witness and get one more award!

Hello @pierlave! This is a friendly reminder that a Partiko user has just followed you! Congratulations!

To get realtime push notification on your phone about new followers in the future, download and login Partiko using the link below. You will also get 3000 Partiko Points for free, and Partiko Points can be converted into Steem token!

https://partiko.app/referral/partiko

Congratulations @pierlave! You received a personal award!

Happy Birthday! - You are on the Steem blockchain for 2 years!

You can view your badges on your Steem Board and compare to others on the Steem Ranking

Vote for @Steemitboard as a witness to get one more award and increased upvotes!

Coin Marketplace

STEEM 0.21
TRX 0.25
JST 0.038
BTC 96989.50
ETH 3378.64
USDT 1.00
SBD 3.23