CS Lab 7 PDF

LAB of CYber security

Uploaded by

paras1282096

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

21 views7 pages

CS Lab 7 PDF

LAB of CYber security

Uploaded by

paras1282096

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

You are on page 1/ 7

Name : Sambhav Jain

2200291530090
CSE(AIML)-B

LAB - 7

OBJECTIVE :Cross-Site Scripting (XSS): Exploit XSS vulnerabilities in DVWA to inject

malicious scripts into web pages. Show the potential impact of XSS attacks, such as
stealing cookies or defacing websites

WHAT IS cross site scripting(XSS) ??

XSS is a technique in which attackers inject malicious scripts into a target

website and may allow them to gain access control of the website. If a website
allows users to input data like comment, username field and email address
field without controls then attacker can insert malicious code script as well.

TYPES OF XSS:

1. Reflected XSS

2. Stored XSS

3. Dom Base XSS

Reflected XSS(cross site scripting):RXSS

In this case, hacker data is not stored on the website. reflected XSS only execute on the victim
side. reflected cross-site scripting A hacker sends input script that website then reflected back to
the victim’s browser, where hacker it executed the malicious JavaScript payloads.

Let’s try cross site scripting virtual environment

Requirements:
1. Xampp or wamp

2. DVWA (Damn vulnerable web application)

3. Browser like Firefox, explorer, Cyberfox, Chrome e.t.c

DVWA low level Reflected XSS:

Payload: <script>alert(“xss”)</script>

Step 1 : enter the admin name in the bar named “whats your name “
Step 2 : enter the script <script >alert(“hacked”)</script>

2 . stored xss
Stored cross-site scripting (XSS) In this case the hacker malicious code is
stored target website and the web server. when an attacker can send malicious
JavaScript into the website and that script is executed other users’ computers
that is stored (XSS) cross-site scripting.
Step 1 :enter the name as admin

And in text box enter the above script :

This will pop up the following window

Step 2 : again enter the name admin and the script In text box

Script :<script>alert(document.cookie)</script>
This will pop up the following window :

3 .dom based xss

Dom base (XSS) cross-site scripting attack is a short-form document object
model based cross-site scripting. That is, the page itself HTTP response does
not change, An attacker may use several DOM objects to create a Cross-site
Scripting attack. The most popular objects from this perspective are
documents.URL, document.location, and document.referrer.
Step 1 : select the default language English .and after reloading the browser this
will pop up the following window .
Hence by using different cross site scripting vulnerabilities we can change
the content of websites showing up the different incorrect pop up messages
which are harmful for the devices .

XSS (Cross-Site Scripting)
No ratings yet
XSS (Cross-Site Scripting)
18 pages
Cross Site Scripting Presentation Slides
No ratings yet
Cross Site Scripting Presentation Slides
23 pages
xss
No ratings yet
xss
24 pages
INE-Web-Application-Penetration-Testing-XSS-Attacks-Course-File_unlocked
No ratings yet
INE-Web-Application-Penetration-Testing-XSS-Attacks-Course-File_unlocked
47 pages
What Is Cross-Site Scripting (XSS) ?
No ratings yet
What Is Cross-Site Scripting (XSS) ?
4 pages
Cross Site Scripting XSS CSS: Also Known As or
No ratings yet
Cross Site Scripting XSS CSS: Also Known As or
219 pages
Cross Site Scripting
No ratings yet
Cross Site Scripting
20 pages
Advance XSS Handbook - Codelivly
No ratings yet
Advance XSS Handbook - Codelivly
68 pages
Investigating of Cyber Attacks On Web Systems
No ratings yet
Investigating of Cyber Attacks On Web Systems
40 pages
Cross Site Scripting
No ratings yet
Cross Site Scripting
15 pages
week 9 XSS (2)
No ratings yet
week 9 XSS (2)
49 pages
AC 3125-6
No ratings yet
AC 3125-6
8 pages
1.1 XSS slides
No ratings yet
1.1 XSS slides
25 pages
XSS Attack and Remedies
No ratings yet
XSS Attack and Remedies
13 pages
Xampp & XSS Attacks
No ratings yet
Xampp & XSS Attacks
10 pages
CROSS-SITE SCRIPTING (XSS)
No ratings yet
CROSS-SITE SCRIPTING (XSS)
8 pages
Cross Site Scripting (XSS) - What Is It & What's An Example
No ratings yet
Cross Site Scripting (XSS) - What Is It & What's An Example
8 pages
Week 9 XSS
No ratings yet
Week 9 XSS
60 pages
Experiment 7
No ratings yet
Experiment 7
3 pages
XSS
No ratings yet
XSS
13 pages
xss introduction
No ratings yet
xss introduction
9 pages
Browser Security, Part 1
No ratings yet
Browser Security, Part 1
25 pages
[CyberSec'24] Lab05 - Student Version
No ratings yet
[CyberSec'24] Lab05 - Student Version
29 pages
WP Cross Site Scripting
No ratings yet
WP Cross Site Scripting
12 pages
Cross-site Scripting (XSS)
No ratings yet
Cross-site Scripting (XSS)
17 pages
Paper_81-Cross_Site_Scripting_Research_A_Review
No ratings yet
Paper_81-Cross_Site_Scripting_Research_A_Review
7 pages
Unit 3 Part2
No ratings yet
Unit 3 Part2
57 pages
Prevention_Of_Cross-Site_Scripting_Attacks_XSS_On_
No ratings yet
Prevention_Of_Cross-Site_Scripting_Attacks_XSS_On_
5 pages
Cross Site Scripting 004
No ratings yet
Cross Site Scripting 004
15 pages
WMS Exp2
No ratings yet
WMS Exp2
6 pages
Chapter 1 To 3 Revised
No ratings yet
Chapter 1 To 3 Revised
25 pages
Cross Site Scripting
No ratings yet
Cross Site Scripting
20 pages
"Cross Site Scripting - Client Side Solution": Mahesh Kumar, Ms. Sunita Kumari
No ratings yet
"Cross Site Scripting - Client Side Solution": Mahesh Kumar, Ms. Sunita Kumari
6 pages
Xss Attacks & Its Types
No ratings yet
Xss Attacks & Its Types
7 pages
Tutorial Guide: SSTF 2022 Hacker's Playground
100% (1)
Tutorial Guide: SSTF 2022 Hacker's Playground
28 pages
Cross-Site Scripting (XSS)
No ratings yet
Cross-Site Scripting (XSS)
6 pages
Cross Site Scripting Ethical Hacking Lab Exercise
No ratings yet
Cross Site Scripting Ethical Hacking Lab Exercise
10 pages
Final Report Sample
No ratings yet
Final Report Sample
6 pages
Experiment 7
No ratings yet
Experiment 7
9 pages
Cyber Project Report
No ratings yet
Cyber Project Report
7 pages
XSS Vulnerabilities
No ratings yet
XSS Vulnerabilities
6 pages
What Is Cross-Site Scripting (XSS) and How To Prevent It - Web
No ratings yet
What Is Cross-Site Scripting (XSS) and How To Prevent It - Web
6 pages
Cross-site Scripting (XSS)
No ratings yet
Cross-site Scripting (XSS)
7 pages
Xss White Paper
No ratings yet
Xss White Paper
8 pages
Truth of Cross Site Scripting (XSS)
No ratings yet
Truth of Cross Site Scripting (XSS)
14 pages
Cross Site Scripting: Name/Mohammed Aburas ID/382015800
No ratings yet
Cross Site Scripting: Name/Mohammed Aburas ID/382015800
17 pages
XSS Attack and how to mitigate it
No ratings yet
XSS Attack and how to mitigate it
8 pages
Cross Site Scripting
No ratings yet
Cross Site Scripting
3 pages
NA
No ratings yet
NA
2 pages
Daily Haulage Report
No ratings yet
Daily Haulage Report
192 pages
Fods Notes
No ratings yet
Fods Notes
139 pages
Cross Site Scripting (XSS)
No ratings yet
Cross Site Scripting (XSS)
11 pages
Cross Side Scripting (XSS) Attack: Detection For Web Application
No ratings yet
Cross Side Scripting (XSS) Attack: Detection For Web Application
21 pages
Chapter-16 Memory Organization
No ratings yet
Chapter-16 Memory Organization
64 pages
w1 - Intro Asean
No ratings yet
w1 - Intro Asean
54 pages
XSS
No ratings yet
XSS
1 page
Cross Site Scripting (XSS)
No ratings yet
Cross Site Scripting (XSS)
18 pages
Cross-Site Scripting Attack: Manaloto, Joel Jr. S. BSIT 3-2 Case Study 1
No ratings yet
Cross-Site Scripting Attack: Manaloto, Joel Jr. S. BSIT 3-2 Case Study 1
3 pages
Copyright in Zambia To Present
No ratings yet
Copyright in Zambia To Present
3 pages
Midterm 1: Eecs 16A Designing Information Devices and Systems I Fall 2015 Anant Sahai, Ali Niknejad
No ratings yet
Midterm 1: Eecs 16A Designing Information Devices and Systems I Fall 2015 Anant Sahai, Ali Niknejad
29 pages
DBMS Report Final
No ratings yet
DBMS Report Final
26 pages
Cross Site Scripting (XSS)
No ratings yet
Cross Site Scripting (XSS)
32 pages
BPE ALL IN 1
No ratings yet
BPE ALL IN 1
27 pages
Xss Documentation
No ratings yet
Xss Documentation
6 pages
Mf 2609 i 000228498
No ratings yet
Mf 2609 i 000228498
9 pages
Cross Site Scripting
No ratings yet
Cross Site Scripting
6 pages
Isb Cto Brochure
No ratings yet
Isb Cto Brochure
22 pages
DFE 3 118 (2003) Manual
No ratings yet
DFE 3 118 (2003) Manual
70 pages
ZINVETORY
No ratings yet
ZINVETORY
24 pages
Cross-Site Scripting Attacks Procedure and Prevention Strategies
No ratings yet
Cross-Site Scripting Attacks Procedure and Prevention Strategies
3 pages
Barometro Omt
No ratings yet
Barometro Omt
31 pages
Innova 5210 Manual x0.05
100% (2)
Innova 5210 Manual x0.05
36 pages
Точки колебания и ликвидность
No ratings yet
Точки колебания и ликвидность
8 pages
Articulated Crane
No ratings yet
Articulated Crane
1 page
8keystoorm Protecting Reputations Online
No ratings yet
8keystoorm Protecting Reputations Online
14 pages
Hammer Mill
No ratings yet
Hammer Mill
4 pages
FRQFF See Gre
No ratings yet
FRQFF See Gre
5 pages
Zeroth Review - FYP Final
No ratings yet
Zeroth Review - FYP Final
7 pages
Detailed Lesson in Practical Research 1 Data Analysisa4 PDF Free
No ratings yet
Detailed Lesson in Practical Research 1 Data Analysisa4 PDF Free
7 pages
RFQ Email - 23.03.2024
No ratings yet
RFQ Email - 23.03.2024
2 pages
A Study On Removal Techniques of Cross-Site From Web Application
No ratings yet
A Study On Removal Techniques of Cross-Site From Web Application
7 pages
Digital Image Processing - Lecture Weeks 1&2 PDF
No ratings yet
Digital Image Processing - Lecture Weeks 1&2 PDF
50 pages
Data Sheet 6ES7417-4XT05-0AB0: General Information
No ratings yet
Data Sheet 6ES7417-4XT05-0AB0: General Information
10 pages
A Project Report On: Analysis of Cash Management of Sunflag Iron & Steel Co - LTD
No ratings yet
A Project Report On: Analysis of Cash Management of Sunflag Iron & Steel Co - LTD
5 pages
CX - Airtel and Amdocs Case Study - FINAL
No ratings yet
CX - Airtel and Amdocs Case Study - FINAL
4 pages
Cross Site Scripting - XSS
No ratings yet
Cross Site Scripting - XSS
6 pages
M01 Application For Duplicate Certificate
No ratings yet
M01 Application For Duplicate Certificate
2 pages
Different Modulation Techniques PDF
No ratings yet
Different Modulation Techniques PDF
5 pages
Introduction to Web Hacking: Cross-site Scripting
From Everand
Introduction to Web Hacking: Cross-site Scripting
Gary Drocella
No ratings yet
JavaScript Programming: 3 In 1 Security Design, Expressions And Web Development
From Everand
JavaScript Programming: 3 In 1 Security Design, Expressions And Web Development
Richie Miller
No ratings yet