Stored,Reflected and DOM Based XSS Exploitation in DVWA


Cross-Site Scripting (XSS) attacks are a type of injection, in which malicious scripts are injected into trusted web sites. XSS attacks occur when an attacker uses a web application to send malicious code, generally in the form of a browser side script, to a different end user.


before this article must read about Setting up DVWA and Introduction - Website Hacking


Lets Start with Stored,reflected and DOM Based XSS Exploitation


Step 1. Stored XSS generally occurs when user input is stored on the target server, such as in a database, in a message forum, visitor log, comment field, etc.

And then a victim is able to retrieve the stored data from the web application without that data being made safe to render in the browser.


 Stored,reflected and DOM Based XSS Exploitation in DVWA


Step 2. Now have a look over a small script which would generate an alert window. So in the text area given for message I will inject the script which get store in the server.


XSS Exploitation in DVWA (Bypass All Security)


Step 3. Now when user will visit this page to read our message his browser will execute our script which generates an alert prompt as showing following screenshot.

This was a small demo to show how to inject any script if server is suffering from XSS and further you will learn what else an attacker can do to cause damage inside a web application server.


XSS Exploitation in DVWA (Bypass All Security)


Step 4. If attack is aware that the web server is having XSS then he might think to steal the web cookies which contain session Id therefore he will generate a script to fetch running cookies.

In following screenshot you can see I have injected the script to get web page cookies.


XSS Exploitation in DVWA (Bypass All Security)


Step 5. Here in given below image when I have executed the script I have successfully fetched the browser cookies and now further I will use this cookies for retrieving the data of web application server.


XSS Exploitation in DVWA (Bypass All Security)


Step 6. select the reflected cross site scripting vulnerability from given list of vulnerabilities.


XSS Exploitation in DVWA (Bypass All Security)


Step 7.Now have a look over a small script which would generate an alert window. So in the given text field for "name" I will inject the script in the server.


XSS Exploitation in DVWA (Bypass All Security)


Step 8. Browser will execute our script which generates an alert prompt as showing following screenshot.

In low security it will easily bypass the injected script when an attacker injects it in the text field given for "name" which should be not left empty according developer.


XSS Exploitation in DVWA (Bypass All Security)


Step 9. The DOM-Based Cross-Site Scripting is vulnerability which appears in document object model instead of html page. An attacker is not allowed to execute malicious script on the users website although on his local machine in URL.

It is quite different from reflected and XSS because in this attack developer cannot able to find malicious script in HTML source code as well as in HTML response, it can be observed at execution time.

Select the DOM cross site scripting vulnerability from given list of vulnerability. The web application allows the user to select any language form drop down list.


XSS Exploitation in DVWA (Bypass All Security)


Step 10. The JavaScript code obtains value from the URL parameter "default" and writes the value in the webpage and as the result the web page show English as output. Now attacker will inject following code into URL script and send this link to the client through social engineering.


XSS Exploitation in DVWA (Bypass All Security)


Step 11. Great!! Now you can check the output in the given screenshot.


XSS Exploitation in DVWA (Bypass All Security)


For References :-




I hope you enjoyed this article.


Sharing is caring

google
linkedin

About Author

Akash is a co-founder and an aspiring entrepreneur who keeps a close eye on open source, tech giants, and security. Get in touch with him by sending an email (akashchugh1994@gmail.com).


You may also like :-




Leave a Comment

Your email address will not be published. Required fields are marked *




Popular Posts

Who Should Read TechTrick?

All the tricks and tips that TechTrick provides only for educational purpose. If you choose to use the information in TechTrick to break into computer systems maliciously and without authorization, you are on your own. Neither I (TechTrick Admin) nor anyone else associated with TechTrick shall be liable. We are not responsibe for any issues that caused due to informations provided here. So, Try yourself and see the results. You are not losing anything by trying... We are humans, Mistakes are quite natural. Here on TechTrick also have many mistakes..