Cross-site scripting, commonly known as XSS, is a very simple vulnerability found in web applications. XSS allows the attacker to RUN malicious code in the context of the website. An XSS vulnerability lets the attacker inject code into the affected web application in order to bypass the site's access controls or to capture users' information, including stealing their cookies. This technique can be used for many purposes, such as cookie stealing, website hacking and manipulating users; there are many more things an attacker can play with. Here I will show you how to hack with XSS; if you want to learn more about it, you can check the complete guide to XSS cross-site scripting here.

So, How to Hack with XSS?

There are many different things you can play with using XSS. Here are a few of the common hacks, so you can learn how to hack with XSS.

The first thing is to find an XSS-vulnerable website. There are different approaches to finding XSS-vulnerable websites. So, here comes the first part of the attack: finding a vulnerable website.

How to Find XSS Vulnerability?

This is the part where 'Google Dorks' come in handy. Using different 'Google Dorks', you can find a vulnerable website with ease. So, how do you do it? Simply go to Google.com and type the query given below.

inurl: "search.php?q="

This query will make Google populate a list of search results. You need to open a website and test, using the Basics of XSS given below, whether it is vulnerable or not. Most of these websites would be vulnerable to XSS.

If you want to test a known website for an XSS vulnerability, open the target website and start looking for XSS; you can simply start with the website's search box. Give it a try, and if it doesn't work, take a look at comment boxes, forums, blog posts, etc.

Basics of XSS

You learned how to find a vulnerability in the section above; now it's time to take action. The most commonly used XSS injection is to type the following query in the website's search box.

<script>alert("Mubi Ace")</script>

This query will open a popup window showing the message "Mubi Ace" (without the quotes).

You can also use "search.php?q=" in Google to find websites and then apply the query to them as I showed above.

You can also simply try the following in a website's URL instead of putting the query in the search box.

http://target.com/search.php?q=<script>alert("Mubi Ace")</script>

There's a good chance of it working, but if it goes wrong and doesn't work, simply move on and try it on another website.

You can also try HTML tags like the one below.

http://target.com/search.php?q=<h1>Mubi Ace</h1>

If you can see the "Mubi Ace" text appearing on the screen as a heading, it means the site is vulnerable.

How to Bypass Filtering

There are many sites which may be vulnerable to XSS but don't run malicious code like the above. It means the site is using filters. So, how do you play with such sites? You can use the following filter bypass methods.

')alert('Mubi Ace');

or

");alert('Mubi Ace');

That will perform the same action as the simple XSS query <script>alert("Mubi Ace")</script> does on a vulnerable website.

You can also use hex or base64 encoding on your data before you submit it.
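As an added defensive example (not part of this post), here is why a site that merely filters a few strings still fails the probes above while contextual output encoding does not: a small Python model of a reflected search.php?q= page (the parameter name is the post's; the rendering functions and the sample inputs are constructed for this example) renders the post's own probe strings in an HTML body context and in a JavaScript string context, and includes a check that tells you whether a probe came back unencoded.

```python
import html
import json

# Constructed sample inputs: the probe strings this post types into a
# reflected search parameter (hypothetical search.php?q=).
SAMPLE_INPUTS = [
    "running shoes",
    '<script>alert("Mubi Ace")</script>',
    "<h1>Mubi Ace</h1>",
    "')alert('Mubi Ace');",
]


def render_unsafe(q: str) -> str:
    """The vulnerable pattern: reflect the search term verbatim into the page."""
    return f"<p>Results for: {q}</p>"


def render_html_context(q: str) -> str:
    """Reflect the term into HTML body text using HTML entity encoding.
    Angle brackets and quotes become entities, so no tag can be opened."""
    return f"<p>Results for: {html.escape(q, quote=True)}</p>"


def render_js_string_context(q: str) -> str:
    """Reflect the term inside an inline <script> as a JS string literal.
    HTML entity encoding is the wrong tool in this context: JSON-encode the
    value (quotes and backslashes get escaped) and additionally escape '<'
    and '>' so a literal '</script>' inside the value cannot close the
    surrounding script block."""
    literal = json.dumps(q).replace("<", "\\u003c").replace(">", "\\u003e")
    return f"<script>var query = {literal};</script>"


def reflected_verbatim(q: str, rendered: str) -> bool:
    """Detection check: does the raw probe string appear unchanged in the
    response? True for the vulnerable renderer, False once encoding is applied
    to a probe containing markup. Plain words are expected to pass through."""
    return q in rendered


if __name__ == "__main__":
    for q in SAMPLE_INPUTS:
        print(repr(q))
        print("  unsafe      :", reflected_verbatim(q, render_unsafe(q)))
        print("  html context:", reflected_verbatim(q, render_html_context(q)))
        print("  js string   :", reflected_verbatim(q, render_js_string_context(q)))
```

The same probes used as a regression test against your own reflected parameters will show immediately whether the encoding matches the context the value lands in.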

How to Deface a Website with XSS?

Well, now you have a clear understanding of how XSS actually works. Now we move to the next part: how to deface a website with XSS. There are many ways you can choose to deface a website. I will mention a few of the most used methods.

The first method is to use an IMG SRC tag, which displays the image linked to it on the web page.

<html><body><img src="http://target.com/myDefaceImage.png"></body></html>

Now if you change the link to a valid picture link, save it and run it, you will see what I mean. Say you have found a comment box or post form that will show submitted data. You can use the following command to make the picture display on the page.

<img src="http://target.com/myDefaceImage.png">

The other tags are not needed, as the page will already have them. This will show your deface page as if the site got hacked. You can also use Flash videos instead of an image by using the following code to deface a website.

<embed src="http://website.com/xss.swf">

It will play the Flash video linked to it. You can also use it for redirection to another website, as in:

<script>window.open("https://www.ethicalhackingtutorials.com")</script>


Hope you have come to know how to hack with an XSS vulnerability. There are many other things you can do with XSS, like cookie stealing. I will write on session hijacking using XSS in my next article.




Note: Use a virtual machine and scan on VirusTotal before downloading any program onto your host machine, for your privacy.