
Exploitation

In this video, Paulo Silva will demonstrate how hackers can exploit XSS. The example teaches you what to look out for in your own system.
6.2
Welcome back to the Cross-Site Scripting session. In this second part, we will exploit a cross-site scripting vulnerability in our target application. We will jump straight to our intentionally vulnerable application and then move on to the mitigation part. As discussed in the previous part, we will test the product search feature and understand how it works and whether it is vulnerable to cross-site scripting. Let’s pop up the developer tools to inspect the network traffic.
41.9
Note that our search keyword now also appears in the URL and in the page’s body.
54.2
In the network tab, we can see a request to a search endpoint with a q parameter, but it does not include our search keyword.
70.4
In fact, the response returns all products, and then they are filtered client side.
82.3
If we find a vulnerability, then it will be a client-side XSS, as discussed before. Let’s have a look at the page’s DOM.
105.6
Using another search keyword, we see that the DOM node is updated.
116.9
Let’s use the XSS payload we used as an example in the first part of this session.
142.5
The payload also appears in the URL, but this time, it isn’t visible next to the search results title. Nevertheless, we can find it in the DOM.
155.5
The modal box was not triggered, meaning that our payload was not executed. Some frameworks have XSS prevention mechanisms, and this may be the case here. In such cases, we should try to bypass those mechanisms by testing different payloads.

You will now follow a demonstration showing you how hackers can exploit XSS on your system.

This video shows how the product search feature of OWASP Juice Shop can be used to determine whether the application is vulnerable to XSS. Now that you understand the attacker’s methodology, you will know what to look out for in your own system. The demonstration continues in the next step.
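The search flow observed in the video (keyword taken from the URL, the full product list returned by the API, filtering and rendering done in the browser) is the classic shape of a DOM-based XSS. The following is an added example, not code from the course or from OWASP Juice Shop: a minimal model of such a client-side search with a vulnerable sink next to a hardened one. The product list, the page URL and the payload are constructed for illustration.

```javascript
// Added example (not from the course or from OWASP Juice Shop): a minimal
// model of a client-side product search. PRODUCTS, PAGE_URL and PAYLOAD are
// constructed here for illustration only.

// Source: the keyword arrives in the URL. Single-page apps often route via
// the fragment (#/search?q=...), so the fragment query is checked as well.
function keywordFromUrl(pageUrl) {
  const url = new URL(pageUrl);
  const qIndex = url.hash.indexOf('?');
  const fragmentQuery = qIndex === -1 ? '' : url.hash.slice(qIndex);
  return url.searchParams.get('q') || new URLSearchParams(fragmentQuery).get('q') || '';
}

// The API returns every product and filtering happens in the browser, so any
// injection through the keyword never touches the server: client-side XSS.
function filterProducts(products, keyword) {
  const needle = keyword.toLowerCase();
  return products.filter((p) => p.name.toLowerCase().includes(needle));
}

// Minimal HTML entity escaping for text placed inside element content or
// double-quoted attributes.
function escapeHtml(value) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return String(value).replace(/[&<>"']/g, (c) => map[c]);
}

// Vulnerable sink: the raw keyword is concatenated into markup that the page
// would then assign to element.innerHTML.
function renderUnsafe(keyword, products) {
  const items = filterProducts(products, keyword)
    .map((p) => `<li>${p.name}</li>`)
    .join('');
  return `<h2>Search results for ${keyword}</h2><ul>${items}</ul>`;
}

// Hardened version: every untrusted value is escaped before it reaches the
// markup (in a real page, assigning the keyword via textContent is equivalent).
function renderSafe(keyword, products) {
  const items = filterProducts(products, keyword)
    .map((p) => `<li>${escapeHtml(p.name)}</li>`)
    .join('');
  return `<h2>Search results for ${escapeHtml(keyword)}</h2><ul>${items}</ul>`;
}

// Constructed sample data. The payload uses an event handler rather than a
// <script> tag because script elements inserted via innerHTML never execute.
const PRODUCTS = [
  { name: 'Apple Juice' },
  { name: 'Banana Juice' },
  { name: 'Lemon Cake' },
];
const PAYLOAD = '<img src=x onerror="alert(1)">';
const PAGE_URL = 'https://shop.example/#/search?q=' + encodeURIComponent(PAYLOAD);

// True when the keyword survives unchanged into the rendered markup, i.e.
// when the sink would hand it to the HTML parser as-is.
function payloadReachesSink(render, keyword) {
  return render(keyword, PRODUCTS).includes(keyword);
}

const keyword = keywordFromUrl(PAGE_URL);
console.log('unsafe sink passes payload through:', payloadReachesSink(renderUnsafe, keyword));
console.log('safe sink passes payload through:  ', payloadReachesSink(renderSafe, keyword));
console.log(renderSafe(keyword, PRODUCTS));
```

When testing a sink like this, remember that a `<script>` tag written through `innerHTML` is parsed but not executed, so the absence of an alert does not by itself prove the sink is safe; an event-handler payload such as the constructed one above, or a framework-specific bypass, is the next thing to try, which is the situation the video reaches at the end of this step.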

This article is from the free online

Advanced Cyber Security Training: OWASP Top 10 and Web Application Fundamentals

Created by
FutureLearn - Learning For Life
