Reflected Cross Site Scripting (XSS) live tutorial for beginners

By admin → Sunday, January 5, 2014

Hello friends, my recent post "Complete DOM Based XSS" was very popular, and readers enjoyed it because it was a live tutorial. So this time I will teach Reflected Cross Site Scripting (Non-Persistent XSS) live, for beginners: first exploiting the vulnerability, then patching it. Before you start, read my earlier posts on XSS and watch the video tutorials.

What is Reflected XSS ?

Reflected XSS, also called Non-Persistent Cross Site Scripting, is a web vulnerability that lets an attacker inject JavaScript and HTML into a web page. It is the second of the three classic XSS types (the others being stored and DOM-based). It occurs when the application takes a value from the request, typically a query-string parameter, and writes it straight back into the response without encoding it for HTML. The payload has to be delivered to each victim, usually as a crafted link, so it is less severe than stored XSS, but it is still a serious vulnerability: the injected script runs in the victim's browser with the vulnerable site's origin. It is most often found in search boxes, error pages and other places that echo back what the user typed.

Understanding Reflected XSS:

If you still don't quite understand how Reflected XSS works, here is an example that makes it easy. Read it carefully :)

Assume that Facebook's search engine were vulnerable to Reflected XSS. Wow! Then an attacker could run script in the session of any user who clicks a crafted link, and use it to hijack that session, perform actions as the user, or steal credentials through a fake login prompt.

Suppose you enter a search query like "Viv". The browser sends "Viv" as a parameter value, the server searches for it, and you'll probably find my FB profile :D. The server also reflects your query back into the body of the result page, and the query appears in the URL. Since we are assuming the site is vulnerable, that reflection happens without any encoding.

So what if an attacker enters <script>alert(3)</script> instead? He gets a pop-up showing "3", and the same payload is visible in the URL parameter: that URL is what he would send to his victims. The server reflects whatever we input into the web page. Let's learn it more deeply with a real live Reflected XSS tutorial, and also:

[X] how to patch (fix) Reflected XSS vulnerabilities.


Reflected XSS Live Vulnerability Exploitation Tutorial:

XSS doesn't require any heavy tooling, but if you are short on time and want to generate payloads quickly, I recommend the OWASP Xenotix XSS Exploit Framework.


  • Open the vulnerable demo website.

  • You'll see some text and one search box. First let me explain how it is programmed:
  • I created two files: index.html and search.php.
Code of index.html:

index.html contains nothing complicated: a basic form with one text input whose value is submitted to search.php. If you know HTML, this is a piece of cake.

Now the code of search.php:


search.php reads the search parameter from the query string with $_GET and echoes it into the page. Always remember that GET parameters appear in the URL, which is exactly what makes a reflected XSS deliverable as a link.
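The author's index.html and search.php were shown only as images, so here is a reconstruction written for this page as an added example; the exact original code, the parameter name "search" and the surrounding markup are assumptions. The form and the reflecting script are combined into one file. It is deliberately vulnerable, so do not deploy it:

```php
<?php
// search.php: reconstruction of the post's vulnerable demo (added example,
// not the author's file). Parameter name "search" is an assumption.
// Deliberately vulnerable: do not deploy.

// Read the query-string parameter. Default to "" when absent, and refuse
// array values (?search[]=x), which would otherwise make echo emit "Array".
$q = isset($_GET['search']) && is_string($_GET['search']) ? $_GET['search'] : '';
?>
<!DOCTYPE html>
<html>
<head><meta charset="utf-8"><title>Vulnerable search (demo)</title></head>
<body>
<!-- Equivalent of the post's index.html: a plain form using GET, so the
     query ends up in the URL of the result page. -->
<form method="get" action="search.php">
  <input type="text" name="search">
  <input type="submit" value="Search">
</form>

<!-- SINK: the parameter is written into the HTML body unencoded. The browser
     cannot tell this text from markup the developer wrote, so
     ?search=<script>alert(document.domain)</script> is parsed and executed
     as a real script element. -->
<p>You searched for: <?php echo $q; ?></p>
</body>
</html>
```

To try it locally, save it as search.php, run `php -S localhost:8000` in that directory and open `http://localhost:8000/search.php?search=w0rm`. Before trusting a browser pop-up, confirm the reflection in the raw response, for example with `curl -s 'http://localhost:8000/search.php?search=%3Cscript%3Ealert(1)%3C/script%3E'`: the tag comes back byte-for-byte unencoded, which is the actual bug regardless of what any particular browser does with it.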

This is how a normal (vulnerable) search page works, so let's test it. Enter any string into the search box of my tutorial website. The server does not sanitize your input at all: it reflects it straight back into the page your browser receives.

  • I entered the query w0rm. Here is what happens:
HTML form → input parameter (w0rm) → browser sends it to the server → server reflects it back unchanged → so it ends up in the page source. (View the page source and search for your input value, w0rm.)

  • You'll see your value on the first line, not wrapped in any tag and not validated in any way. The web form accepted and echoed my input verbatim, so now let's use an evil mind:
Simply replace the w0rm parameter with some XSS payloads like:

<script>alert(document.domain)</script>
<img src="a" onerror="javascript:alert(document.domain)">
<img src=x onerror=prompt(3);


and your payload executes without any filtering. Check the page source once again and you'll see your HTML exactly as you typed it. This happens because the browser cannot distinguish attacker-supplied markup from the developer's own: everything the server puts in the response body is parsed as HTML, so the <script> tag and the onerror handler run with the site's origin.


Patching (Fixing) Reflected XSS Vulnerabilities:
Patching this kind of XSS is very easy: wrap the reflected value in htmlspecialchars (or htmlentities) before echoing it, so every HTML metacharacter is converted to its entity and the browser displays it as text instead of parsing it as markup.



Now whenever an attacker tries to inject his script into the page, htmlspecialchars turns the tag into harmless text. Open the patched web page and try the same XSS payloads.

For example, it converts:

<   to  &lt;
>   to  &gt;
"    to  &quot;
&   to  &amp;

and, when called with the ENT_QUOTES flag (the default only since PHP 8.1), it also converts ' to &#039;. Pass that flag explicitly and keep attribute values quoted whenever the reflected value lands inside an attribute.
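Here is the fix applied to the reconstructed demo above, as an added example written for this page (not the author's patched file; the parameter name "search" is still an assumption). It goes a little beyond the post by encoding for both sinks a search page usually has, the result text in the body and the pre-filled value attribute of the search box:

```php
<?php
// search.php (patched): added example of the fix, not the author's file.
// Parameter name "search" is an assumption.
declare(strict_types=1);

// Encode for HTML body and quoted-attribute context.
// Flags are passed explicitly instead of relying on version-dependent defaults:
//  - ENT_QUOTES      also encodes the single quote (before PHP 8.1 the
//                    default ENT_COMPAT left ' untouched)
//  - ENT_SUBSTITUTE  replaces invalid UTF-8 with U+FFFD instead of returning
//                    "" (which would silently blank the output)
//  - 'UTF-8'         pins the charset instead of trusting php.ini
function e(string $s): string
{
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

$q = isset($_GET['search']) && is_string($_GET['search']) ? $_GET['search'] : '';

// Declare the charset in the response header as well, so the browser cannot
// be tricked into sniffing a different encoding for the page.
header('Content-Type: text/html; charset=UTF-8');
?>
<!DOCTYPE html>
<html>
<head><meta charset="utf-8"><title>Patched search (demo)</title></head>
<body>
<form method="get" action="search.php">
  <!-- Attribute context: the attribute must be quoted AND e() must encode
       the quote character, otherwise  "><script>alert(1)</script>  would
       close the value and inject a tag. -->
  <input type="text" name="search" value="<?= e($q) ?>">
  <input type="submit" value="Search">
</form>

<!-- Body context: <script>alert(document.domain)</script> is now emitted as
     &lt;script&gt;alert(document.domain)&lt;/script&gt; and rendered as text. -->
<p>You searched for: <?= e($q) ?></p>
</body>
</html>
```

Request `search.php?search=%22%3E%3Cscript%3Ealert(1)%3C/script%3E` against this version and view the source: the quote and angle brackets appear as &quot;&gt;&lt;script&gt; in both places and nothing executes. One caveat a practitioner should keep in mind: e() is correct only for HTML body text and quoted attribute values. It does not make input safe inside a <script> block, an unquoted attribute, a URL attribute such as href or src, or CSS. For instance `<a href="<?= e($q) ?>">` still accepts `javascript:alert(1)` because that payload contains no HTML metacharacters at all; those contexts need their own encoding rules or should not receive user input in the first place.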


Note: This is for educational purposes only. XSS is a very dangerous vulnerability, and we share this for ethical purposes only. Please share this post to help us grow, and feel free to comment and let me know your problems. Thank you.
