
XSS: Anatomy structure Part 1

Posted By HinD On 2:15 PM





Hello guys, with advancing technology in the cyber world, the security of websites is also getting stronger. The days are not far off when things like SQLi will become a thing of the past, as SQLi is only good for PHP version 5; if the PHP version is less than 5, it is very difficult to get the column names, as you have to do guesswork. And for PHP version 6, it is being heard that it will have its own feature for blocking SQLi. So SQLi is going to be a thing of the past, at least in the field of security or cyber attack.
So I thought of researching an old method, one that will still exist because it depends on the level of the programmer, on how efficient or how good they are at programming. As long as programmers keep making mistakes, this vulnerability is going to exist.
It is known as XSS. Yes, you are right, it is cross-site scripting, in which the attacker gets the privilege of executing arbitrary code in the URL of the victim site, and that code will be executed by the server.
I will start by giving a basic example of how XSS can be performed. It is very basic, and this trick is almost on the verge of extinction, but you can still try it to get an idea of how XSS works.
In this example, I will try to redirect the browser to a new website, say www.google.com, by making the server execute this request on behalf of the attacker.

First step: How to find the vulnerability

Remember, Google is your best friend, so we will just ask Google.
Type this in Google:
inurl:"navigate.php?url"

You will get some results.

These sites are badly coded and can be used by an attacker to redirect to whichever site he wants; as a result, the script will be executing on behalf of the attacker. Say an attacker redirects this URL to his own evil shell: since the server is executing the script, there is a very high probability that the attacker will take control of the site.

Second step: Action

In the results you must have got something like site.com/navigate.php?url=www.nextsite.com
Replace nextsite.com with the site you want, say www.google.com, and press Enter. Voilà... you have been redirected to google.com. Now try with different servers.

Many of us may not understand the actual concept behind this process, so to give a clear picture I have shown a second example.

Example 1:
Sorry for the figure arrangement.

In the third figure you can see that I have changed the URL to microsoft.com, and my browser is working.
The second figure shows that the URL has finally been redirected to Microsoft's home page.

But many users may ask: what happened? I don't see anything big happening here.
So look at the first figure; your answer lies there. You can see that when I changed the part after the url: to google.com, Google's website is running on the victim's home page, which means the victim is executing the code on our behalf.
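
The redirects shown above work because a script like navigate.php sends the browser to whatever host appears in url=. The following is an added example (not the blog's code, and not code from any site in the post) of how such a handler can check the target against an allowlist before redirecting. ALLOWED_HOSTS, FALLBACK, safe_redirect_target() and the example.com hosts are assumptions made for illustration, as is the shape of the weak handler shown in the comment.

```php
<?php
// Added example, not the blog's code. ALLOWED_HOSTS, FALLBACK and
// safe_redirect_target() are hypothetical names; the hosts are constructed.
const ALLOWED_HOSTS = ['www.example.com', 'docs.example.com'];
const FALLBACK = '/';

// Assumed shape of the weak handler behind site.com/navigate.php?url=...:
//     header('Location: http://' . $_GET['url']);   // any host is accepted

function safe_redirect_target($raw): string
{
    // ?url[]=x arrives as an array; control characters enable header
    // tricks; browsers treat "\" like "/", so "/\host" leaves the site.
    if (!is_string($raw) || $raw === '' || preg_match('/[\x00-\x20\x7f\\\\]/', $raw)) {
        return FALLBACK;
    }
    // Local path: exactly one leading slash ("//host" is protocol-relative).
    if ($raw[0] === '/') {
        return substr($raw, 0, 2) === '//' ? FALLBACK : $raw;
    }
    // The post's links carry no scheme (url=www.nextsite.com), so add one.
    if (!preg_match('#^[a-z][a-z0-9+.-]*://#i', $raw)) {
        $raw = 'https://' . $raw;
    }
    $p = parse_url($raw);
    if ($p === false || !isset($p['scheme'], $p['host'])
        || isset($p['user']) || isset($p['pass'])) {  // allowed-host@other-host
        return FALLBACK;
    }
    $ok = in_array(strtolower($p['scheme']), ['http', 'https'], true)
        && in_array(strtolower($p['host']), ALLOWED_HOSTS, true);
    return $ok ? $raw : FALLBACK;
}

if (PHP_SAPI === 'cli') {
    // Constructed inputs for a quick offline check.
    foreach (['www.example.com/help', '/account', 'www.google.com',
              '//www.google.com', 'https://www.example.com@www.google.com/'] as $in) {
        printf("%-42s => %s\n", $in, safe_redirect_target($in));
    }
} else {
    // Web request: redirect only to a validated target.
    header('Location: ' . safe_redirect_target($_GET['url'] ?? ''), true, 302);
    exit;
}
```

Run from the command line, only the first two constructed inputs keep their target; the other three fall back to `/`.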

NOTE: 1. The method I have stated above for finding vulnerable servers may not always work, or you may not get any search results, so it depends on how you refine your search.
For example, you can try: inurl:navigat.php? + inurl:url , etc. It depends on your creativity how you find your victim.

2. This tutorial is for educational purposes only; only you are responsible for what you do with it.

3. Stay in touch, XSS is not over, there is much more to come. I will keep you updated.





HinD
February 24, 2010 at 11:57 AM

If you guys want a clear image of the pictures, let me know. I will upload it and give the link here.
