INFOSYS 727 Lab 07- Web hacking 03


the server that renders the attack, by not properly escaping or sanitizing the stored data.

[Diagram: Reflected XSS (a "You won! Click here!" link carrying HTML/Script) and Stored XSS (HTML/Script posted to a Forum/Guestbook)]

Web Exploitation and Vulnerabilities

Reflected XSS: The most dangerous characters in a URL are < and >. If you can get an application to directly insert what you want in a page and can get those characters through, then you can probably get a script through.

Try these:

http://google-gruyere.appspot.com/<your unique Gruyere id>/%3e%3c (single encoding)
http://google-gruyere.appspot.com/<your unique Gruyere id>/%253e%253c (double encoding)
http://google-gruyere.appspot.com/<your unique Gruyere id>/%c0%be%c0%bc (bad UTF-8 encoding)

Append the following scripts to your URL instance in Gruyere:

<iframe> </iframe>
<a href="www.google.com" onMouseover="window.alert('Hello');"> My Fav search engine </a>

Now insert any image downloaded from the web onto the page – (Hint: append <img> to the URL)

Exercise 2a Reflected XSS

Can you upload a file that allows you to execute arbitrary script on the google-gruyere.appspot.com domain?

Hint
• Use some of the lab 05 exercise scripts. For example, upload a .html file containing scripts like these:
• <script> alert(document.cookie); </script>
• <script> alert('hello w...
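The three encodings listed under "Try these", run through a defensive check (an added example, not part of the lab handout or Gruyere's own code; the function names and the "Not found" page text are assumptions). It shows that a filter inspecting the raw URL passes all three, that a lenient decoder turns the bad UTF-8 form into angle brackets, and that strict decoding plus output escaping neutralizes each one.

```python
import html
from urllib.parse import unquote_to_bytes

# Path suffixes of the three test URLs in the lab text.
SAMPLES = {
    "single": "%3e%3c",
    "double": "%253e%253c",
    "bad_utf8": "%c0%be%c0%bc",
}

def naive_filter_passes(raw: str) -> bool:
    """Weak check (hypothetical): looks for literal < or > before decoding."""
    return "<" not in raw and ">" not in raw

def lax_decode(raw: str) -> str:
    """Models a lenient decoder that accepts overlong 2-byte UTF-8 forms."""
    data = unquote_to_bytes(raw)
    out, i = [], 0
    while i < len(data):
        b = data[i]
        if 0xC0 <= b <= 0xDF and i + 1 < len(data):
            # Combine 5 bits of the lead byte with 6 bits of the continuation.
            out.append(chr(((b & 0x1F) << 6) | (data[i + 1] & 0x3F)))
            i += 2
        else:
            out.append(chr(b))
            i += 1
    return "".join(out)

def strict_decode(raw: str) -> str:
    """Percent-decode exactly once, then require well-formed UTF-8."""
    return unquote_to_bytes(raw).decode("utf-8", errors="strict")

def render_hardened(raw: str) -> str:
    """Reject malformed input; HTML-escape everything else at output time."""
    try:
        text = strict_decode(raw)
    except UnicodeDecodeError:
        return "400 Bad Request"
    # Assumed page template; only the escaping step matters here.
    return "<p>Not found: " + html.escape(text, quote=True) + "</p>"

if __name__ == "__main__":
    for name, raw in SAMPLES.items():
        print(name, naive_filter_passes(raw), repr(lax_decode(raw)),
              render_hardened(raw))
```

The double-encoded form comes out of `render_hardened` as the harmless text `%3e%3c`; it only becomes angle brackets if some later layer percent-decodes the value a second time, which is why decoding should happen exactly once.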