Cross site scripting a new way for website hacking


I hope you have already heard about Cross Site Scripting known as XSS. Just go through this first en.wikipedia.org/wiki/Cross-site_scripting . I have focussed on finding  an XSS hole and bypssing a filter.
XSS is a web application vulnerability  that occurs due to improper or no filteration of user's input . It enables the malicious attackers to inject client-side script into web pages. This is not something with which you are gonna deface a website or break in admin panel. This bug can be dangerous for users if found on any online forms . Basically you can do mainly two things that are stealing user sessions and injecting iframes. Actually this bug is basically exploited to harm the visitors rather than administrators.Okay Lets learn the approach to find XSS bugs.

You might have tried finding an XSS hole by inserting a script like this <script>alert('XSS')</script> in Search fields and hoping for a box to popup saying XSS. But its not always the way to find a XSS bug.

This example will make you everything clear.

Okay,  go to this URL
http://www.chitkara.edu.in/chitkara/esl.php?page=overview.php&sitetitle=Overview

Lets Replace 'Overview' with any keyword . Say 'test' and hit enter

http://www.chitkara.edu.in/chitkara/esl.php?page=overview.php&sitetitle=test

Now check the source code of page and search for keyword 'test' by using Ctrl+F and we can find that in the code.

 Carefully, see where it got inserted in the source code
                    

<title>Chitkara Educational Trust > test</title>

Now lets replace the 'test' with  </title><h1>XSS</h1> and see what happens

Note- <h1> It is the html heading tag </h1>


http://www.chitkara.edu.in/chitkara/esl.php?page=overview.php&sitetitle=</title><h1>XSS</h1>
We can see the keyword 'XSS' displayed on the webpage.



Lets again see the page source



We entered </title> to complete the title  tag ( <title>) and <h1>XSS</h1> is the actually html tag we wanted to see on the page.

 I hope it was a simple part and is clear to you.

Now Lets try to execute a javascript code <script>alert('XSS')</script>. A popup message box saying XSS should appear on the webpage.
Lets go to this URL

http://www.chitkara.edu.in/chitkara/esl.php?page=overview.php&sitetitle=</title><script>alert('XSS')</script>

But Nothing Happens !!!

Now check the source code again



See the slashes ( \ ) automatically inserted before the single quotes ( ' ) ,we entered.  Obviously,due to this our code didn't execute.This is a kind of filter that we need to bypass . 


Here we will be using a javascript built in function called String.FromCharCode() that is used to encode/decode strings. Now both these codes
<script>alert('XSS')</script> and <script>alert(String.fromCharCode(88, 83, 83))</script>
has the same function but we can see that THERE ARE NO QUOTES IN SECOND CODE.

Note: 88 and 83 are ASCII values for X and S respectively.  Visit this http://www.asciitable.com for more.

Finally, try this

http://www.chitkara.edu.in/chitkara/esl.php?page=overview.php&sitetitle=</title><script>alert(String.fromCharCode(88, 83, 83))</script> 


Yes, it worked.

So finally we have managed to execute a javascript :)
Cross site scripting a new way for website hacking Reviewed by Aditya Joshi on 17:58:00 Rating: 5

No comments:

Share your problems but don't spam here

All Rights Reserved by Cyber Sucks © 2015 - 2016

Contact Form

Name

Email *

Message *

Powered by Blogger.