Cross-site scripting attack: Kali Linux
In this article I cover what XSS is and how XSS attacks are executed.
- Basic understanding of server-side languages like PHP and JSP.
- Kali Linux
- DVWA. If you have not installed it yet, go ahead and install DVWA first. Without DVWA you will not be able to test the XSS attack.
Cross-site scripting, commonly known as XSS, is a very dangerous class of attack. In XSS, hackers inject malicious scripts or payloads into web applications. XSS is a very common vulnerability.
With an XSS-vulnerable website, hackers do crafty things like making fake login pages, session hijacking, etc. to steal credentials.
What hackers can do with XSS attacks
With XSS, hackers can steal cookies, redirect users to another website, hijack sessions, spread malware, and even deface the website, and more. So you can imagine how much damage hackers can do with XSS attacks.
Types of XSS
There are two types of XSS attacks.
- Stored XSS attack
- Reflected XSS attack
Reflected XSS attack
Reflected attacks are the most common XSS attacks. In a reflected attack the hacker's script must be part of the URL.
More specifically, the hacker sends an HTTP request to the server, and the server reflects it back in such a way that the HTTP response includes the evil script, which then gets executed. Let's do it with a real example. It will not take much time to understand.
We will be using DVWA for the demonstration. DVWA is a tool where we can practice our skills on our local server in a legal environment. Open your terminal and start DVWA.
Before starting DVWA we have to start the apache2 and mysql services.
root@seven:~# service apache2 start
Start the mysql service.
root@seven:~# service mysql start
Now open your web browser, go to http://localhost/dvwa/login.php, enter your credentials and log in.
Once you are logged in, you have to change the security level in DVWA. By default it is impossible; we have to change it to low.
Change the security level to low, as shown in the picture below.
Now select the reflected attack from the menu.
Now we are ready to test. Write some JavaScript code, as shown in the image below, and submit it.
When you hit submit, it should return an alert box. If the page returns the output of your code (in this case an alert box) rather than the code that you submitted, the website is vulnerable to XSS. Here you saw that we got an alert box in return.
Now check the URL; you will see that the code has been added to it.
Now you can see that the code is integrated into the URL. That's because the name parameter is vulnerable to XSS. Now you can write some evil code like making a fake login page etc. and send it to the victims.
Before sending links you should encode the URL to hex or some other form so a human can't read it. Use your social engineering skills to send it and make your victims click.
XSS Stored Attack
As the name suggests, this attack is stored. It works wherever you can submit data. You can actually inject, or store, your evil code in a website's database. This way, a user who visits the website where you injected your code does not even know that he is being forced to run the code.
Stored attacks are mostly carried out through comment boxes. Through a comment box you can insert your evil code into a vulnerable website's database.
Now switch to XSS stored from the menu.
When you input the code I showed in the picture, you will be prompted with an alert box.
By now you must have realised how dangerous XSS attacks are, even more than SQL injection. SQL injection can be prevented easily, but it's hard to prevent XSS attacks. However, if you are using blogging platforms like WordPress and Google Blogger, they take care of XSS attacks. Especially with the latest versions of WordPress, it's really hard to XSS WordPress.
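Both alert boxes above come from the same defect: the submitted value is written into the page's HTML without encoding. The following is an added example, not part of the original article and not DVWA's own source: hypothetical PHP handlers (the function names and the `<script>alert(1)</script>` probe are constructed for illustration) showing the unencoded reflection next to output encoding with `htmlspecialchars`, for both the name parameter and the comment box.

```php
<?php
// Added example with hypothetical handlers; not DVWA's source code.

// Vulnerable: the request value is concatenated into HTML unchanged.
function greet_vulnerable(array $query): string
{
    $name = $query['name'] ?? '';
    return '<pre>Hello ' . $name . '</pre>';
}

// Encode for the HTML context at the point of output.
// ENT_QUOTES also covers values placed inside quoted attributes.
function h(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Hardened reflected case: same page, value encoded before it is written.
function greet_safe(array $query): string
{
    $name = $query['name'] ?? '';
    if (!is_string($name)) {      // ?name[]=x arrives as an array
        $name = '';
    }
    return '<pre>Hello ' . h($name) . '</pre>';
}

// Hardened stored case: keep the raw text in the database and
// encode every field each time a row is rendered.
function render_comments_safe(array $rows): string
{
    $html = '';
    foreach ($rows as $row) {
        $html .= '<div><b>' . h($row['author']) . '</b>: '
               . h($row['message']) . "</div>\n";
    }
    return $html;
}

// Constructed sample input: an alert-box probe like the one the article submits.
$probe = '<script>alert(1)</script>';
$query = ['name' => $probe];
$rows  = [['author' => 'guest', 'message' => $probe]];

echo greet_vulnerable($query), "\n";  // markup is reflected as live HTML
echo greet_safe($query), "\n";        // markup arrives as inert text
echo render_comments_safe($rows);     // stored value is inert on every view
```

Run it with `php` on the command line and compare the first line of output with the second: only the first still contains a real script element.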
That was just an introduction to XSS. I will write some advanced articles on XSS in the future. Enjoy.
More articles on web pentesting are coming soon.