Finally, it is over 😀. Next up is MySQL Injection, and that is a really interesting topic to cover.
And as we move forward in this course, the challenges provided in the lab will get harder and really interesting to solve, a fun way to learn more about your own skills and about how web applications work.
If you haven’t seen the previous examples that we solved, here are the video references to those posts: Example-1, Example-2, Example-3, Example-4, Example-5, Example-6, Example-7 and Example-8 here.
Being able to find these kinds of vulnerabilities in most web applications is the most important thing in learning ethical hacking and penetration testing; it leads to better web penetration testing and good results to show in your reports.
So this last example is a DOM XSS example. Since many of you may not know what DOM Cross Site Scripting is, the first question you must have had is: what is DOM Based XSS?
DOM Based XSS (or as it is called in some texts, “type-0 XSS”) is an XSS attack wherein the attack payload is executed as a result of modifying the DOM “environment” in the victim’s browser used by the original client side script, so that the client side code runs in an “unexpected” manner. That is, the page itself (the HTTP response that is) does not change, but the client side code contained in the page executes differently due to the malicious modifications that have occurred in the DOM environment.
This is in contrast to other XSS attacks (stored or reflected), wherein the attack payload is placed in the response page (due to a server side flaw).
Please note research from David Wichers seeking to reclassify DOM XSS more strictly as CLIENT SIDE XSS. https://www.owasp.org/index.php/Types_of_Cross-Site_Scripting#DOM_Based_XSS_.28AKA_Type-0.29
This is the best definition of DOM based XSS. One thing that I want to make clear is that while testing for DOM XSS you should try it on different versions of web browsers, as the result does depend on the browser.
Testing Tools and Techniques
Minded Security has been doing some significant research into DOM based XSS. They are working on two projects to help with DOM Based XSS:
2. The DOM XSS Wiki – The start of a knowledgebase for defining sources of attacker controlled inputs and sinks which could potentially introduce DOM Based XSS issues. It’s very immature as of 11/17/2011. Please contribute to this wiki if you know of more dangerous sinks and/or safe alternatives!!
3. DOM Snitch – An experimental Chrome extension that enables developers and testers to identify insecure practices commonly found in client-side code. From Google.
These are the most useful tools developed for testing for DOM Based XSS, so do check them out; they are of great help as you advance in this.
For more information on this you can check out the OWASP security site.
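As an added example that is not part of the original post or of the tools listed above, here is a small JavaScript checker in the spirit of the DOM XSS Wiki’s sources-and-sinks classification; it assumes a few well-known sources and sinks and runs over a constructed sample page script, which shows the flow the definition above describes: the HTTP response never changes, only where the client-side code sends URL-derived data.

```javascript
// Static checker, constructed for this example: flags lines of client-side JS
// where an attacker-controlled DOM source reaches an HTML/code-interpreting
// sink, directly or via a variable assigned from a source. Line-based and
// heuristic: hits are candidates to confirm in a browser, not proofs.
const SOURCES = [
  'location.hash', 'location.search', 'location.href', 'document.URL',
  'document.documentURI', 'document.referrer', 'window.name',
];
const SINKS = [
  '.innerHTML', '.outerHTML', 'document.write(', 'document.writeln(',
  'eval(', 'setTimeout(', 'setInterval(', 'new Function(',
];
// Escape an identifier for use inside a RegExp (handles `$`).
const escapeRe = (s) => s.replace(/[$\\]/g, '\\$&');

// Returns [{ line, sink, via }] for every sink reached by tainted data.
function findDomXssCandidates(script) {
  const tainted = new Set();          // identifiers assigned from a source
  const findings = [];
  script.split('\n').forEach((text, idx) => {
    const hasSource = SOURCES.some((s) => text.includes(s));
    const hasTainted = [...tainted].some((v) =>
      new RegExp('\\b' + escapeRe(v) + '\\b').test(text));
    const sink = SINKS.find((k) => text.includes(k));
    // Propagate taint through simple assignments: `var x = <source|tainted>`.
    const m = text.match(/^\s*(?:var|let|const)?\s*([A-Za-z_$][\w$]*)\s*=/);
    if (m && (hasSource || hasTainted)) tainted.add(m[1]);
    if (sink && (hasSource || hasTainted)) {
      findings.push({ line: idx + 1, sink, via: hasSource ? 'direct' : 'tainted variable' });
    }
  });
  return findings;
}

// Constructed sample page script: lines 2, 5 and 7 are DOM XSS candidates,
// line 3 uses a text sink (safe) and line 6 writes only static markup.
const SAMPLE_SCRIPT = [
  "var name = decodeURIComponent(location.hash.slice(1));",
  "document.getElementById('greeting').innerHTML = 'Welcome ' + name;",
  "document.getElementById('title').textContent = name;",
  "var msg = 'Hi ' + name;",
  "document.write(msg);",
  "document.write('<p>static footer</p>');",
  "eval(document.referrer);",
].join('\n');

console.log(findDomXssCandidates(SAMPLE_SCRIPT));
```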
Mostly this payload works best with DOM-based XSS.
Here is the video of the Example with explanation.
There we have all the XSS examples from Web for Pentester I. Tune in next time for some of the other examples.