Cross-site scripting (XSS) is a common and widespread vulnerability category, and one that is comparatively easy to detect.
An attacker injects untrusted JavaScript into the pages your application serves; the browser of any user who visits the affected page then executes that JavaScript.
Cross Site "Scripter" (XSSer) is an automated framework for detecting, exploiting and reporting XSS vulnerabilities in web applications.
It offers several options for attempting to bypass filters, along with a variety of injection techniques.
XSSer setup
XSSer runs on a number of platforms. It requires Python and the following libraries:
- python-pycurl - Python bindings to libcurl
- python-xmlbuilder - create xml/(x)html files - Python 2.x
- python-beautifulsoup - error-tolerant HTML parser for Python
- python-geoip - Python bindings for the GeoIP IP-to-country resolver library
To install them on Debian-based systems:
sudo apt-get install python-pycurl python-xmlbuilder python-beautifulsoup python-geoip
Usage
To list all of XSSer's options, run xsser -h:
root@kali:~# xsser -h
To launch a simple injection attack against one URL:
root@kali:~# xsser -u "http://192.168.169.130/xss/example1.php?name=hacker"
Injection from a dork, selecting "google" as the search engine:
root@kali:~# xsser --De "google" -d "search.php?q="
Multiple URL injections with automatic payloads, using a reverse check so that XSSer confirms the injection actually executed:
xsser -u "http://192.168.169.130/xss/example1.php?name=hacker" --auto --reverse-check -s
Simple URL injection using GET, also injecting into the cookie and using DOM shadow:
xsser -u "http://192.168.169.130/xss/example1.php?name=hacker" -g "/path?vuln=" --Coo --Dom --Fp="vulnerablescript"
Parameter filtering with heuristics:
root@kali:~# xsser -u "http://192.168.169.130/xss/example1.php?name=hacker" --heuristic
To launch the GUI interface:
root@kali:~# xsser --gtk
Core characteristics
- Supports both GET and POST injections.
- Includes a range of filter-bypass techniques.
- Can be used from the command line or through a GUI.
- Provides detailed reports on the attack.
XSS Standard Defenses
- Which input do we trust?
- Does the input match the expected pattern? (validate input)
- Do not render untrusted output without encoding it.
- This applies even to data read back from our own database.
- Encode output according to its context (HTML body, attribute, JavaScript, CSS).
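The defenses listed above are concrete enough to show in code. The following is an added example, not part of the original tutorial or of XSSer: it validates a name parameter against an expected pattern and then reflects a value into three different output contexts, applying a different encoder for each. The probe string UNTRUSTED, the regular expression NAME_RE and the function names are constructed for this example only; in a real application the same encoders are applied regardless of whether the value came from the request or from the database.

```python
import html
import re

# Constructed sample input: a typical XSS probe string, not taken from any real site.
UNTRUSTED = '"><script>alert(1)</script>'

# Positive validation pattern for a "name" parameter (assumed policy for this example).
NAME_RE = re.compile(r'^[A-Za-z0-9 _\-]{1,64}$')


def validate_name(value: str) -> bool:
    """Accept only values that match the expected pattern; reject everything else."""
    return NAME_RE.fullmatch(value) is not None


def encode_html(value: str) -> str:
    """HTML body and quoted-attribute context: & < > " ' become entities."""
    return html.escape(value, quote=True)


def encode_js_string(value: str) -> str:
    """JavaScript string-literal context: everything except ASCII [A-Za-z0-9]
    becomes \\xHH (or \\uHHHH above 0xFF), so quotes and tags cannot break out."""
    out = []
    for ch in value:
        cp = ord(ch)
        if ch.isascii() and ch.isalnum():
            out.append(ch)
        elif cp < 0x100:
            out.append(f"\\x{cp:02x}")
        else:
            out.append(f"\\u{cp:04x}")
    return "".join(out)


def encode_css_string(value: str) -> str:
    """CSS string context: every non-alphanumeric becomes a six-digit \\HHHHHH escape,
    which needs no trailing space and so cannot be merged with the next character."""
    return "".join(
        ch if ch.isascii() and ch.isalnum() else f"\\{ord(ch):06x}" for ch in value
    )


def render_page(name: str) -> str:
    """Reflect `name` into an HTML body, an attribute, a JS string and a CSS string,
    choosing the encoder by context rather than applying one encoder everywhere."""
    return (
        f"<p>Hello, {encode_html(name)}</p>\n"
        f'<input type="text" value="{encode_html(name)}">\n'
        f"<script>var user = '{encode_js_string(name)}';</script>\n"
        f"<style>p::after {{ content: '{encode_css_string(name)}'; }}</style>\n"
    )


def payload_survives(rendered: str, payload: str) -> bool:
    """Check used by the test: does the raw payload appear unencoded in the output?"""
    return payload in rendered


if __name__ == "__main__":
    print("valid name 'hacker':", validate_name("hacker"))
    print("valid name probe:   ", validate_name(UNTRUSTED))
    print(render_page(UNTRUSTED))
```

Note the ordering: validation rejects the probe outright for a parameter with a known shape, and encoding handles the general case where the input legitimately contains characters such as < or ". Neither step replaces the other.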