This is the first article on website hacking on my blog. In this tutorial I am going to explain the cross-site scripting (XSS) attack.


Cross-site scripting (XSS) is a type of computer security vulnerability typically found in web applications that enables malicious attackers to inject client-side script into web pages viewed by other users. An exploited cross-site scripting vulnerability can be used by attackers to bypass access controls such as the same origin policy.


Types of XSS vulnerabilities:


1. Persistent
2. Non-persistent


In this post I am going to explain the non-persistent vulnerability.


The non-persistent XSS vulnerability is the most common type of XSS flaw. It is a server-side vulnerability.
When a web server takes any input from a user and returns the same input back to the user without any validation, this leads to a non-persistent XSS vulnerability.
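
The flaw described above, and its fix, as a small Node.js example that is added here and is not from the original post. The search page, the `q` parameter and all function names are hypothetical, and the second sample input is constructed for illustration.

```javascript
// Added example: a page that echoes the user's "q" parameter back in the response.
// All names here (renderUnsafe, renderSafe, q) are hypothetical.

// HTML-encode the five characters that let text break out of element
// content or out of a quoted attribute value.
function escapeHtml(text) {
  const map = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };
  return String(text).replace(/[&<>"']/g, (ch) => map[ch]);
}

// VULNERABLE: the input is returned to the user without any validation or encoding.
function renderUnsafe(q) {
  return `<form><input name="q" value="${q}"></form><p>Results for: ${q}</p>`;
}

// HARDENED: every place the input is reflected is encoded for its HTML context.
function renderSafe(q) {
  const e = escapeHtml(q);
  return `<form><input name="q" value="${e}"></form><p>Results for: ${e}</p>`;
}

// Defence in depth: headers to send with the page. A script-src without
// 'unsafe-inline' stops injected inline <script> blocks from running
// even if an encoding call is missed somewhere.
const SECURITY_HEADERS = {
  "Content-Type": "text/html; charset=utf-8",
  "Content-Security-Policy": "default-src 'self'; script-src 'self'",
  "X-Content-Type-Options": "nosniff",
};

// Review/test helper: true when input containing markup characters
// comes back in the response byte-for-byte, i.e. unencoded.
function reflectsMarkup(html, q) {
  return /[<>"]/.test(q) && html.includes(q);
}

// The test string from this post, plus a constructed, harmless attribute breakout.
const samples = ['<script>alert("hackinginception");</script>', '"><b>x</b>'];

for (const q of samples) {
  console.log("unsafe reflects markup:", reflectsMarkup(renderUnsafe(q), q));
  console.log("safe reflects markup:  ", reflectsMarkup(renderSafe(q), q));
}
```

Encoding the quote characters matters as much as encoding `<` and `>`: the input is reflected inside a `value="..."` attribute, so an unencoded `"` ends the attribute even when no tag is injected.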


What can a hacker do with this?


XSS attacks can be used for the following:

        • Compromising and hijacking accounts
        • Stealing user cookies
        • Defacing websites
        • Phishing attacks
        • Posting false or hostile content


Steps to hack:


Step 1: Find vulnerability.


Step 2: Deface.


Finding out the vulnerability:


1) Find a textbox in the site or something where you can submit text.


2) Type in the following:


<script>alert("hackinginception");</script>


3) If it is vulnerable, it should look like this:




Defacing:


There are some ways to deface a site when you find an XSS vulnerability.


1) Make a picture pop up:


"><script>location="www.website.com/yourdefacepic";</script>


2) Replace the content of the page with an image:


<img src="yoursite.com/yourdefacepic"/>


3) Redirect to a website:


<script>window.location="http://www.yoursite.com"</script>


NOTE:
Since this is a non-persistent attack, the changes made by you will not affect the website. But hackers use these vulnerabilities to steal the information of the visitors of those sites.
I will write some articles on those topics soon.


Hope you liked this article... Leave your comments if you have any doubts or suggestions.

LEARN HACKING TIPS AND TRICKS © 2013. All Rights Reserved.