Cross-site Scripting


Last updated 3 years ago


Introduction

Stored XSS

Let's go to the Stored XSS web page.

Let's try to add a comment on the page. First we have to create a user and log in.

Let's now try to add a comment.

Now let's make an alert popup box appear on the web page showing the document cookie.

Let's click OK.

Now let's change the XSS Playground heading to "I am a hacker".

Let's now try to take over the user Jack's account by stealing his cookie.

Now let's go to the log page.

We have the cookie.

Let's change users to Jack and post a comment.

First, let's go to the developer tools and change the cookie to Jack's.

Now let's reload the page.

We are now the user Jack, so let's post a comment.

Reflected XSS

Let's craft a reflected XSS payload that will cause a popup saying "hello":

<script>alert("hello")</script>

To get the IP address of the machine, we can use this payload:

<script>alert(window.location.hostname)</script>

DOM-Based XSS

Let's go to the DOM-Based XSS page and look at the source code.

This is interesting: it looks like there are no checks on the input we give.

Now let's exploit it and get the cookie.

test" onmouseover="alert(document.cookie)"

Now hover over the Image not found text

Next, let's create an onhover event on an image tag that changes the background color of the website to red.

test" onmouseover="document.body.style.backgroundColor='red'"

Make sure to hover over the Image not found text
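
Why payloads of the form used above work, and how output encoding stops them, as an added example that is not the room's or the author's code. It assumes the page concatenates the input into an `<img src="...">` attribute (the room's source is not shown here); all function names and the `example.invalid` base URL are hypothetical.

```javascript
// Added example, not the room's code. Assumed sink: user input placed in <img src="...">.
const PAYLOAD = 'test" onmouseover="alert(document.cookie)"'; // payload form from the walkthrough

// Vulnerable pattern: raw input concatenated into an attribute value.
function renderImageUnsafe(input) {
  return '<img src="' + input + '" alt="Image not found">';
}

// Encode every character that can end or reshape an attribute value.
const ENTITIES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;', '`': '&#96;' };
function escapeAttr(value) {
  return String(value).replace(/[&<>"'`]/g, (c) => ENTITIES[c]);
}

// Hardened: allow only http(s) URLs, then encode for the attribute context.
function renderImageSafe(input) {
  const fallback = '<img alt="Image not found">';
  let url;
  try {
    // Placeholder base so relative paths parse the way a browser would resolve them.
    url = new URL(input, 'https://example.invalid/');
  } catch {
    return fallback;
  }
  if (url.protocol !== 'http:' && url.protocol !== 'https:') return fallback;
  return '<img src="' + escapeAttr(input) + '" alt="Image not found">';
}

// Simplified check for double-quoted attributes: which event handlers does the tag carry?
function eventHandlers(html) {
  const names = [];
  for (const m of html.matchAll(/([^\s"'<>\/=]+)\s*=\s*"[^"]*"/g)) {
    if (/^on/i.test(m[1])) names.push(m[1].toLowerCase());
  }
  return names;
}

// The unsafe tag gains an onmouseover attribute; the safe tag keeps the input inside src.
console.log(renderImageUnsafe(PAYLOAD), eventHandlers(renderImageUnsafe(PAYLOAD)));
console.log(renderImageSafe(PAYLOAD), eventHandlers(renderImageSafe(PAYLOAD)));
console.log(renderImageSafe('javascript:alert(1)')); // non-http(s) scheme is rejected
```

In the browser, setting the value with `img.setAttribute('src', value)` instead of building markup avoids the attribute parsing step altogether.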

Using XSS for IP and Port Scanning

XSS Keylogger

Filter Evasion

Let's do the first challenge.

Let's do challenge 2.

0\"autofocus/onfocus=alert(1)--><video/poster/onerror=prompt(2)>"-confirm(3)-"

Let's do challenge 3.

Challenge 4

<style>@keyframes slidein {}</style><xss style="animation-duration:1s;animation-name:slidein;animation-iteration-count:2" onanimationiteration="alert('Hello')"></xss>

Protection Methods and Other Exploits