Hai guys today I got a success, that mean hacked a site using only xss/css attack. I feel very happy and want to share the idea to others also..
What is XSS script..? How it Works..?
If You want to know this then go through this..
Xss Script attack
Cross-site scripting (XSS) is a type of computer security vulnerability typically found in Web applications, such as web browsers through breaches of browser security, that enables attackers to inject client-side script into Web pages viewed by other users. A cross-site scripting vulnerability may be used by attackers to bypass access controls such as the same origin policy. Cross-site scripting carried out on websites accounted for roughly 84% of all security vulnerabilities documented by Symantec as of 2007. Their effect may range from a petty nuisance to a significant security risk, depending on the sensitivity of the data handled by the vulnerable site and the nature of any security mitigation implemented by the site’s owner.
Xss Script Attack Client Side
Xss script is one of the major vulnerabilty in web applications. Its an injection type attack. We have to inject some malicious scripts inside the web application using any input box. You can put the script in search box, login forms, comment options, contact us forms etc. Where ever you can give any input data try the scripts there, if the script is accepted then you can do any thing using this xss/css script.
Client side attack means it only affects the client side. That when we send the link to the victim and he/she opens the page then our script will execute there, we can stole his/her cookies, session ids, tokens and we can get the creditinals if they input the user name and password in our scripted page. This is client side attack.
Yeah, now Im going to teach you from the basic.
That mean lets first start from the url script attack, Im going to use an example site, not the original site that I hacked. So first you find the css/xss script vulnerable site and do the experiments below. Dont worry google is there, search the xss vulnerable site there. Read the below steps properly you can definetely hack a site.
Example site : http://www.mobilestores.com
One day I just open the site to see some new model mobiles for me to purchase, I searched for five minutes at that time I noticed the url. The url comes like this
again when I searched for the next model it changes like
Im a very lazy person, so what I think is instead of going to several pages and searching the models. Why don’t I put the model number in the url. So I put it in the url my favourite model “Sony Xperia”
Actually I enter the model as wrong, But I see that ” Sony Xperia ” this word is reflecting on the page, So Now I think why its showing like this, if its not there why its not showing item not found.
It means that it takes the input from the url. So I planned to change the world “sony xperia” from the url and put it as “I Hacked this site”
Oh my god, It is displaying in the site that ” I Hacked this site “. Now my mind starts works little fast. I want to do some thing more. I go to google and search some
xss script (css csript). I got some scripts I just put some basic scripts for you
<script>alert(‘I Wanna Hack You’)</script>
<script>msgbox(‘You Are Hacked’)</script>
I just replaced the word ” sony Xperia” from the url and put my script there.
http://www.mobilestores.com/search.php?mobileid=<script>alert(‘I Wanna Hack You’)</script>
An awesome work by me.. When I open this url its showing one alert box saying ” I Wanna Hack You “
Same thing just try a script thats asking for username and password. And and put in the url and send to other users. Definetely they will put their user name and password. And you can now use their creditionals. But remember one thing, don’t send the whole url because it will shows that the script is added in the url. Dont worry about it. Just search is google the url shortner and make your url short and send..
There is lot of xss/css script attack codes in google. Search it and fine more codes.
I hope you people understand. Its just a very basic, If you have any doubt then mail me are put a comment. If you get succeed then go to the below server side XSS/CSS script attack.
XSS server side attack.
Server side attack is quite harmful and its very effective. Because if you inject a script in the server, that page will display to all the peoples who are viewing that page. So you can get login creditionals of lot of peoples specially if you did that in any online shopping sites, then think what will happen. Within an hour you can get more than 500 peoples password, bankl account, pin number etc.. You can get Hell lot of informations.
Now think how you will inject the xss/css script inside the server side. I tried a lot in url, search box, username box, password box, but nothing is worked. I really got very much bored. What a fu…ng job it is. Days passed I refered to lot of books and sites. One day I remember that, there is some more options for input in web page why dont I try that. That is comment options, or contact us form in the page. I tried to inject the css/xss script to a lot of sites But I got succeed on one site.
I did it. I was very crazy on that day. After a long time I hacked another one site. I just went to comment option and fill the form
name : anonymous
Comment : <script>document.location=’http://www.redtube.com’</script>
Now say what will happen when I click the submit button. When somebody tries to open the site and if it goes to redtube.com. The people get crazy and I think they might been enjoy this.
Any way thanks for a lot buddies to read it upto last, and if any body want the xss script attack vulnerable sites, comment it below or catch me on email@example.com
Best wishes, Hack on your own way.
Example For XSS Script To Steal The Session Id :
I put some scripts below you can try this too..
The ol’e basic:
Bypass filter when it strips <script> tags:
When inside <script> tags:
‘; alert(document.cookie); var foo=’
Other XSS that don’t require <script>:
<img src=asdf onerror=alert(document.cookie)>
On IE, many tags will accept a style attribute that one could do things with:
XSS in JPEGs:
Don’t forget if a user requests a JPEG file in IE directly (not through an embedded <img> tag), then IE will process the contents as HTML if that is what the JPEG contains. This means that we can upload a file with a .jpg extension containing a XSS payload. This works nicely when we have an application that has functionality to upload images and then gets viewed by others. This is common in web mail applications, where one can send an email containing an image attachment, etc. Many applications sanitize HTML attachments to block XSS attacks, but overlook the way IE handles JPEG files.
HTTP/1.1 200 OK
Date: Sun, 6 May 2007 11:32:35 GMT