How to hack websites
Hacking Websites
Information
XSS stands for Cross Site Scripting. These exploits are usually used in conjunction with a cookie grabber and a cookie editor add-on (such as Add n Edit Cookies for Mozilla Firefox) to steal accounts from various websites. This is a very easy way to steal users’ passwords right from the site.
In this tutorial, you will learn to do some basic XSS auditing, and learn to exploit those holes to gain access.
Chapter 1 – Finding a Site
Good sites to practice on are sites that have a lot of user input. Profile sites (Myspace-Clones, Virtual Pet Sites, etc.) are great.
For this tutorial, let’s use the online virtual pet site Rescreatu.
Let’s start hacking
Part B – Finding the Vuln ( Security Hole )
XSS vulnerabilities are created when the programmers don’t validate the data a user inputs. On this particular site, I know of one exploit I just found. There are probably more, but let’s just use the one I found so far.
The exploit is found in the Gallery area of the site. A Gallery is where you apparently put ‘rare’ items in the game to be shown off to people.
The idiots don’t validate the input for the shop name and description. You don’t even need to obfuscate the attack vector.
Navigate to: http://www.rescreatu.com/gallery/manage.php
Create the gallery if you must.
Now, in the shop name, type:
Code:
<script>alert('xss 1')</script>
And in the shop description put:
Code:
<script>alert('xss 2')</script>
And hit create. Now, click on View Gallery and let’s see if it worked.
We get xss 2, but not xss 1. At least we have one hole. (Note that XSS 1 can work, if you obfuscate it a little bit. All you need to do is type '><script>alert('xss 1')</script> and it works.)
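Both results above come from the same missing step: the name and description are written into the page without HTML-encoding. The following Python sketch is an added example, not code from this tutorial or from the site. It assumes a template (the real markup is not shown here) that puts the name in a single-quoted attribute and the description in the element body, then renders the test strings above with and without output encoding and counts the script elements a parser sees.

```python
import html
from html.parser import HTMLParser

# Assumed template (not the site's real markup): the name lands inside a
# single-quoted attribute, the description lands in the element body.
TEMPLATE = "<div class='gallery' title='{name}'><p>{desc}</p></div>"

def render_vulnerable(name, desc):
    """Interpolates user input verbatim, which is the flaw described above."""
    return TEMPLATE.format(name=name, desc=desc)

def render_encoded(name, desc):
    """Encodes on output; quote=True also escapes ' and " for attributes."""
    return TEMPLATE.format(name=html.escape(name, quote=True),
                           desc=html.escape(desc, quote=True))

class _Audit(HTMLParser):
    """Records what an HTML parser sees in the rendered page."""
    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.scripts = 0
        self.title = None

    def handle_starttag(self, tag, attrs):
        if tag == "script":
            self.scripts += 1
        if tag == "div":
            self.title = dict(attrs).get("title")

def audit(page):
    """Return (number of <script> elements, decoded title attribute)."""
    parser = _Audit()
    parser.feed(page)
    parser.close()
    return parser.scripts, parser.title

# Constructed inputs: the test strings quoted in the tutorial text.
PLAIN = "<script>alert('xss 1')</script>"
BREAKOUT = "'>" + PLAIN
DESC = "<script>alert('xss 2')</script>"

if __name__ == "__main__":
    for name in (PLAIN, BREAKOUT):
        print("vulnerable:", audit(render_vulnerable(name, DESC)))
        print("encoded:   ", audit(render_encoded(name, DESC)))
```

With encoding applied, both fields reach the browser as literal text: the parser finds no script elements and the title attribute decodes back to exactly what the user typed.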
Now that we have an XSS vector… Let’s have some fun and steal some accounts.