0% found this document useful (0 votes)

11 views1 page

KGGD 6 N 5 V

This lesson focuses on detecting, exploiting, and bypassing Cross-Site Scripting (XSS) vulnerabilities, covering reflected, stored, and DOM-based XSS. It includes practical steps for lab setup, identifying input fields, injecting payloads, and employing obfuscation techniques. Key techniques include using basic payloads, event handlers, and URL-based injections to test for vulnerabilities and bypass filters.

Uploaded by

iphoneboeken

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

11 views1 page

KGGD 6 N 5 V

Uploaded by

iphoneboeken

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

You are on page 1/ 1

Lesson 2: Cross-Site Scripting (XSS)

Objective: Learn to detect, exploit, and bypass XSS vulnerabilities by working with different types of XSS: reflected, stored, and DOM-based. We’ll cover basic payloads,
obfuscation techniques, and ways to test various encoding bypasses.

Step 1: Lab Setup

1. Set up DVWA or Mutillidae on a local environment like XAMPP or Kali Linux VM if you haven’t already.
2. Configure Security Level:
• In DVWA, set the security level to “low” in the settings.
• This allows for testing without additional filters in place.

Step 2: Detect Reflected XSS

1. Identify Input Fields:

• In DVWA, navigate to the XSS Reflected page.
• Look for input fields where you can enter text that is directly displayed on the resulting page.
2. Basic Detection:
• Enter a simple payload like <script>alert(1)</script>.
• If the application immediately triggers an alert box, it’s vulnerable to XSS.
3. Alternative Payloads:
• Try other payloads like <img src=x onerror=alert(2)> to test if the application filters out <script> tags specifically but not other tags.
• Using different tags checks for encoding or tag restrictions.

Step 3: Exploiting Stored XSS

1. Navigate to a Page with Persistent Input:

• Go to the XSS Stored page in DVWA, where you can post comments or messages that get stored on the page.
2. Inject Persistent Payloads:
• Enter <script>alert(3)</script> in the comment field and submit it.
• Refresh the page to see if the alert box triggers again. If it does, the application has stored the XSS payload, which will run each time the page loads.
3. Bypass Basic Filtering:
• If your payload is blocked, try variations:
• Use mixed-case tags: <ScRiPt>alert(4)</ScRiPt>.
• Use HTML encoding for characters: <script>alert(5)</script>.
• Test to see if the application decodes these encodings, allowing the payload to execute.

Step 4: DOM-Based XSS

1. Inspect the DOM-Based XSS Page:

• Go to the XSS DOM page in DVWA.
• Here, the payload is reflected in the URL but executed in the browser’s DOM without a request to the server.
2. Craft a URL-Based Payload:
• Add #<script>alert(6)</script> to the end of the URL (e.g., http://yourapp/XSS_DOM.php#<script>alert(6)</script>).
• If this triggers an alert, the application directly injects the payload from the URL into the page’s HTML or JavaScript.
3. Bypassing URL Filtering:
• If filters are in place, try obfuscation techniques, like encoding characters in the payload. For instance:
• Replace <script> with %3Cscript%3E.
• Experiment with breaking up tags, like <img src=x onerror=alert('7')> encoded with %3Cimg%20src%3Dx%20onerror%3Dalert%287%29%3E.

Step 5: Advanced Bypass Techniques

1. Event Handlers:
• Many applications restrict <script>, but other HTML tags can trigger JavaScript events. Try:
• <body onload=alert(8)>
• <a href="javascript:alert(9)">Click me</a>
2. Filter Bypasses:
• If certain keywords or characters are blocked, try Unicode encoding or entity encoding for more complex bypasses:
• For example, use alert(10) for alert.
• Also, some filters miss characters encoded as " (for "), allowing onerror or onload events.

Step 6: Practice and Review

1. Try Other Input Fields:

• In DVWA or Mutillidae, search for other user input areas and test if XSS can be triggered on other forms, comments, or input fields.
2. Review and Refine Payloads:
• Compare results with different payloads and encoding methods. Document which variations succeeded and why, noting the effectiveness of each technique in
bypassing specific filters.

Summary of Key Techniques

1. Basic Payloads: <script>alert(1)</script> or <img src=x onerror=alert(1)>.

2. Obfuscation: Mixed case tags, encoded tags, and Unicode encoding.
3. DOM-Based Payloads: Inject payloads directly into the URL fragment, e.g., #<script>.
4. Event Handlers: Use non-script tags with events, like <a href="javascript:alert()">.

This lesson provides a hands-on guide for detecting and exploiting various types of XSS vulnerabilities, along with bypass techniques for different filters. Let me know if you’re
ready to dive into the next lesson!

CH 006
No ratings yet
CH 006
32 pages
Serie 11
No ratings yet
Serie 11
3 pages
Lect24.1&25 - XSS and Its Demonstration Using DVWA
No ratings yet
Lect24.1&25 - XSS and Its Demonstration Using DVWA
44 pages
Complete Cross-Site Scripting Walkthrough
No ratings yet
Complete Cross-Site Scripting Walkthrough
23 pages
Complete Cross Site Scripting Walkthrough
No ratings yet
Complete Cross Site Scripting Walkthrough
23 pages
Cross Site Scripting Ethical Hacking Lab Exercise
No ratings yet
Cross Site Scripting Ethical Hacking Lab Exercise
10 pages
10 Practical Scenarios For XSS Attacks
No ratings yet
10 Practical Scenarios For XSS Attacks
21 pages
Testing For Reflected Cross Site Scripting
No ratings yet
Testing For Reflected Cross Site Scripting
8 pages
XSS Attack and How To Mitigate It
No ratings yet
XSS Attack and How To Mitigate It
8 pages
Lab3 Cy481
No ratings yet
Lab3 Cy481
8 pages
Truth of Cross Site Scripting (XSS)
No ratings yet
Truth of Cross Site Scripting (XSS)
14 pages
XSS Revision - 2
No ratings yet
XSS Revision - 2
3 pages
XSS
No ratings yet
XSS
4 pages
XSS Attack
No ratings yet
XSS Attack
6 pages
Cross-Site Scripting (XSS)
No ratings yet
Cross-Site Scripting (XSS)
8 pages
XSS Revision
No ratings yet
XSS Revision
3 pages
Experiment 7
No ratings yet
Experiment 7
3 pages
XSS and Authorization
No ratings yet
XSS and Authorization
6 pages
Using XSS To Bypass CSRF Protection
No ratings yet
Using XSS To Bypass CSRF Protection
12 pages
DOM Based XSS and Proper Output Encoding
100% (1)
DOM Based XSS and Proper Output Encoding
35 pages
Xss
No ratings yet
Xss
11 pages
XSS Scenario Based Questions
No ratings yet
XSS Scenario Based Questions
11 pages
Cross Site Scripting XSS
No ratings yet
Cross Site Scripting XSS
31 pages
Cross-Site Scripting: Analysis, Identification and Exploitation
No ratings yet
Cross-Site Scripting: Analysis, Identification and Exploitation
28 pages
Cross Site Scripting Presentation Slides
No ratings yet
Cross Site Scripting Presentation Slides
23 pages
Lecture 19 IS BSE 7A SMI Fall 2024
No ratings yet
Lecture 19 IS BSE 7A SMI Fall 2024
35 pages
Task 2 Report Xss
No ratings yet
Task 2 Report Xss
16 pages
Reflected XSS - Manual Attacks
No ratings yet
Reflected XSS - Manual Attacks
5 pages
A7 - Cross - Site Scripting (XSS) : © 2020 Nexusguard Limited - Confidential & Proprietary
No ratings yet
A7 - Cross - Site Scripting (XSS) : © 2020 Nexusguard Limited - Confidential & Proprietary
5 pages
Report of XSS-1
No ratings yet
Report of XSS-1
8 pages
Broken Web Security
No ratings yet
Broken Web Security
87 pages
XSS - Cross-Site Scripting
No ratings yet
XSS - Cross-Site Scripting
29 pages
Cross Site Scripting (XSS) : by Amit Tyagi
0% (1)
Cross Site Scripting (XSS) : by Amit Tyagi
31 pages
XSS in Theory: Cross-Site Scripting
No ratings yet
XSS in Theory: Cross-Site Scripting
12 pages
Chapter 7
No ratings yet
Chapter 7
13 pages
XSS Payload Examples
No ratings yet
XSS Payload Examples
7 pages
XSS Vulnerability Testing
No ratings yet
XSS Vulnerability Testing
8 pages
Web App Security 1193579768112939 1
No ratings yet
Web App Security 1193579768112939 1
83 pages
XSS (Cross Site Scripting) Cheat Sheet Esp: For Filter Evasion
No ratings yet
XSS (Cross Site Scripting) Cheat Sheet Esp: For Filter Evasion
18 pages
Cross-Site Scripting (XSS)
No ratings yet
Cross-Site Scripting (XSS)
34 pages
MIT6 858F14 Lec9 PDF
No ratings yet
MIT6 858F14 Lec9 PDF
11 pages
INE Web Application Penetration Testing XSS Attacks Course File - Unlocked
No ratings yet
INE Web Application Penetration Testing XSS Attacks Course File - Unlocked
47 pages
AWX Assignment 4
No ratings yet
AWX Assignment 4
4 pages
XSS Filter Evasion Cheat Sheet - OWASP
No ratings yet
XSS Filter Evasion Cheat Sheet - OWASP
35 pages
Cross Site Scripting Lab Manual
No ratings yet
Cross Site Scripting Lab Manual
14 pages
XSS Answers
No ratings yet
XSS Answers
7 pages
Cross-Site Scripting (XSS)
No ratings yet
Cross-Site Scripting (XSS)
6 pages
XSS Filter Evasion Cheat Sheet - OWASP
No ratings yet
XSS Filter Evasion Cheat Sheet - OWASP
44 pages
Introduction to Web Hacking: Cross-site Scripting
From Everand
Introduction to Web Hacking: Cross-site Scripting
Gary Drocella
No ratings yet
Was 4
No ratings yet
Was 4
117 pages
Tutorial Guide: SSTF 2022 Hacker's Playground
100% (1)
Tutorial Guide: SSTF 2022 Hacker's Playground
28 pages
Xampp & XSS Attacks
No ratings yet
Xampp & XSS Attacks
10 pages
SSRF & Cross-Site Scripting. Task 1 What Is An SSRF - by YCZHU - Medium
No ratings yet
SSRF & Cross-Site Scripting. Task 1 What Is An SSRF - by YCZHU - Medium
1 page
Cross Site Scripting (XSS)
No ratings yet
Cross Site Scripting (XSS)
32 pages
XSS Filter Evasion Cheat Sheet
No ratings yet
XSS Filter Evasion Cheat Sheet
43 pages
Comprehensive Report: Acunetix Threat Level 3
No ratings yet
Comprehensive Report: Acunetix Threat Level 3
37 pages
Website Defacement Using Stored XSS
No ratings yet
Website Defacement Using Stored XSS
10 pages
Cross Site Scripting
100% (1)
Cross Site Scripting
15 pages
JavaScript Introduction
From Everand
JavaScript Introduction
Lisa Saldivar
No ratings yet
The Beginner’s Guide to JavaScript
From Everand
The Beginner’s Guide to JavaScript
Steven Mcananey
No ratings yet
(Utkarsh Pandey WTLF)
No ratings yet
(Utkarsh Pandey WTLF)
28 pages
Practical 14
No ratings yet
Practical 14
8 pages
ISM - Guidelines For System Hardening (March 2025)
No ratings yet
ISM - Guidelines For System Hardening (March 2025)
30 pages
Avaya SBCE Deploying On Microsoft Azure 8.1.x PDF
No ratings yet
Avaya SBCE Deploying On Microsoft Azure 8.1.x PDF
66 pages
WSMA Lab
No ratings yet
WSMA Lab
21 pages
Spring Rest Snippets
No ratings yet
Spring Rest Snippets
5 pages
Quickbooks Error Code 6177 0
No ratings yet
Quickbooks Error Code 6177 0
4 pages
Readme!
No ratings yet
Readme!
2 pages
6911
No ratings yet
6911
13 pages
Jake S Resume Anonymous
No ratings yet
Jake S Resume Anonymous
1 page
Minor Proj
No ratings yet
Minor Proj
41 pages
Justin Rosner: Rosnej1@mcmaster - Ca
No ratings yet
Justin Rosner: Rosnej1@mcmaster - Ca
1 page
OWASP WSTG Checklist
No ratings yet
OWASP WSTG Checklist
74 pages
G10 IT QP Test2
No ratings yet
G10 IT QP Test2
5 pages
KIOT-Greenway Health Virtual Pooled Campus 25.07.2025-1
No ratings yet
KIOT-Greenway Health Virtual Pooled Campus 25.07.2025-1
1 page
SIMnet - W10-1 (Up To 10 Points)
No ratings yet
SIMnet - W10-1 (Up To 10 Points)
3 pages
I T
No ratings yet
I T
14 pages
Instant Download Flask Web Development Developing Web Applications With Python 1st Edition Miguel Grinberg PDF All Chapters
100% (11)
Instant Download Flask Web Development Developing Web Applications With Python 1st Edition Miguel Grinberg PDF All Chapters
85 pages
Ci:CD
No ratings yet
Ci:CD
9 pages
Java Unit 3+ 4 Notes IPU
No ratings yet
Java Unit 3+ 4 Notes IPU
67 pages
Akhila Chennamaneni: Career Objective
No ratings yet
Akhila Chennamaneni: Career Objective
2 pages
Inb100018-3 Technical Manual Serial Communication Control Interface (Scom) Series1 PDF
No ratings yet
Inb100018-3 Technical Manual Serial Communication Control Interface (Scom) Series1 PDF
36 pages
Associate Cloud Engineer - 4
No ratings yet
Associate Cloud Engineer - 4
23 pages
Duplicate Cleaner Log File
No ratings yet
Duplicate Cleaner Log File
2 pages
Tree Size
No ratings yet
Tree Size
192 pages
Dsa Lab 5
No ratings yet
Dsa Lab 5
8 pages
Ambo University Institute of Technology Department of Computer Science
No ratings yet
Ambo University Institute of Technology Department of Computer Science
21 pages
Documentum Content Transformation Services 16.7 Release Notes
No ratings yet
Documentum Content Transformation Services 16.7 Release Notes
22 pages
Make API Call in NodeJS
No ratings yet
Make API Call in NodeJS
12 pages
Sufyan Ali Resume
No ratings yet
Sufyan Ali Resume
4 pages

KGGD 6 N 5 V

Uploaded by

KGGD 6 N 5 V

Uploaded by

Lesson 2: Cross-Site Scripting (XSS)

Step 1: Lab Setup

Step 2: Detect Reflected XSS

1. Identify Input Fields:

Step 3: Exploiting Stored XSS

1. Navigate to a Page with Persistent Input:

Step 4: DOM-Based XSS

1. Inspect the DOM-Based XSS Page:

Step 5: Advanced Bypass Techniques

Step 6: Practice and Review

1. Try Other Input Fields:

Summary of Key Techniques

1. Basic Payloads: <script>alert(1)</script> or <img src=x onerror=alert(1)>.

You might also like