Stored,Reflected and DOM Based XSS Exploitation in DVWA

Cross-Site Scripting (XSS) attacks are a type of injection, in which malicious scripts are injected into trusted web sites. XSS attacks occur when an attacker uses a web application to send malicious code, generally in the form of a browser side script, to a different end user.

before this article must read about Setting up DVWA and Introduction - Website Hacking

Lets Start with Stored,reflected and DOM Based XSS Exploitation

Step 1. Stored XSS generally occurs when user input is stored on the target server, such as in a database, in a message forum, visitor log, comment field, etc.

And then a victim is able to retrieve the stored data from the web application without that data being made safe to render in the browser.

Step 2. Now have a look over a small script which would generate an alert window. So in the text area given for message I will inject the script which get store in the server.

Step 3. Now when user will visit this page to read our message his browser will execute our script which generates an alert prompt as showing following screenshot.

This was a small demo to show how to inject any script if server is suffering from XSS and further you will learn what else an attacker can do to cause damage inside a web application server.

Step 4. If attack is aware that the web server is having XSS then he might think to steal the web cookies which contain session Id therefore he will generate a script to fetch running cookies.

In following screenshot you can see I have injected the script to get web page cookies.

Step 5. Here in given below image when I have executed the script I have successfully fetched the browser cookies and now further I will use this cookies for retrieving the data of web application server.

Step 6. select the reflected cross site scripting vulnerability from given list of vulnerabilities.

Step 7.Now have a look over a small script which would generate an alert window. So in the given text field for "name" I will inject the script in the server.

Step 8. Browser will execute our script which generates an alert prompt as showing following screenshot.

In low security it will easily bypass the injected script when an attacker injects it in the text field given for "name" which should be not left empty according developer.

Step 9. The DOM-Based Cross-Site Scripting is vulnerability which appears in document object model instead of html page. An attacker is not allowed to execute malicious script on the users website although on his local machine in URL.

It is quite different from reflected and XSS because in this attack developer cannot able to find malicious script in HTML source code as well as in HTML response, it can be observed at execution time.

Select the DOM cross site scripting vulnerability from given list of vulnerability. The web application allows the user to select any language form drop down list.

Step 10. The JavaScript code obtains value from the URL parameter "default" and writes the value in the webpage and as the result the web page show English as output. Now attacker will inject following code into URL script and send this link to the client through social engineering.

Step 11. Great!! Now you can check the output in the given screenshot.

I hope you enjoyed this article.