Cross-site scripting (XSS) bugs are one of the most common and dangerous types of vulnerabilities in Web applications. These nasty buggers can allow your enemies to steal or modify user data in your apps and you must learn to dispatch them, pronto!
At Google, we know very well how important these bugs are. In fact, Google is so serious about finding and fixing XSS issues that we are paying mercenaries up to $7,500 for dangerous XSS bugs discovered in our most sensitive products.
In this training program, you will learn to find and exploit XSS bugs. You'll use this knowledge to confuse and infuriate your adversaries by preventing such bugs from happening in your applications.
There will be cake at the end of the test.
Level 1: Hello, world of XSS
Mission Description
This level demonstrates a common cause of cross-site scripting where user input is directly included in the page without proper escaping.
Interact with the vulnerable application window below and find a way to make it execute JavaScript of your choosing. You can take actions inside the vulnerable window or directly edit its URL bar.
Mission Objective
Inject a script to pop up a JavaScript alert() in the frame below.
Payload :- <script> alert(12) </script>
Level 2: Persistence is key
Mission Description
Web applications often keep user data in server-side and, increasingly, client-side databases and later display it to users. No matter where such user-controlled data comes from, it should be handled carefully.
This level shows how easily XSS bugs can be introduced in complex apps.
Mission Objective
Inject a script to pop up an alert() in the context of the application.
Note: the application saves your posts so if you sneak in code to execute the alert, this level will be solved every time you reload it.
Payload :- <img src="/" onerror="alert('done')" />
Explain :- Technically, this is an XSS payload. Here the user is trying to get a pop-up message when an error occurs, that is, when the image is not found.
Level 3: That sinking feeling...
Mission Description
As you've seen in the previous level, some common JS functions are execution sinks which means that they will cause the browser to execute any scripts that appear in their input. Sometimes this fact is hidden by higher-level APIs which use one of these functions under the hood.
The application on this level is using one such hidden sink.
Mission Objective
As before, inject a script to pop up a JavaScript alert() in the app.
Since you can't enter your payload anywhere in the application, you will have to manually edit the address in the URL bar below.
Payload :- ' onerror="alert('done');"
Explain :- The onerror attribute fires when an error occurs while loading an external file (e.g. a document or an image).
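The hidden-sink pattern beside one fix, as an added example that is not the game's code. It assumes the app concatenates the URL fragment into a single-quoted `src` attribute and hands the string to an HTML-parsing sink; the function names, image path and tab count are hypothetical.

```javascript
// Added example: names, image path and tab count are assumptions, not the game's code.
const TAB_COUNT = 3; // assumed number of valid tabs

// Vulnerable pattern: the fragment is concatenated into markup that is later
// passed to an HTML-parsing sink (innerHTML, jQuery .html(), document.write).
function tabMarkupUnsafe(fragment) {
  return "<img src='/static/cloud" + fragment + ".jpg' />";
}

// Hardened: accept only a decimal integer in the expected range, so the value
// that reaches the sink can never contain quotes or attribute syntax.
function tabMarkupSafe(fragment) {
  const n = /^[0-9]{1,2}$/.test(fragment) ? Number(fragment) : NaN;
  const tab = Number.isInteger(n) && n >= 1 && n <= TAB_COUNT ? n : 1;
  return "<img src='/static/cloud" + tab + ".jpg' />";
}

// Rough check for this demo: does the markup carry an inline event handler attribute?
function hasEventHandlerAttr(markup) {
  return /\son[a-z]+\s*=/i.test(markup);
}

// The Level 3 payload from this page, as it arrives after the '#'.
const level3Payload = "' onerror=\"alert('done');\"";

console.log(tabMarkupUnsafe(level3Payload));
console.log("unsafe has handler:", hasEventHandlerAttr(tabMarkupUnsafe(level3Payload)));
console.log(tabMarkupSafe(level3Payload));
console.log("safe has handler:", hasEventHandlerAttr(tabMarkupSafe(level3Payload)));
```

Where the markup must be built in the browser, creating the element with `document.createElement` and assigning `img.src` avoids the HTML parser entirely.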
Level 4: Context matters
Mission Description
Every bit of user-supplied data must be correctly escaped for the context of the page in which it will appear. This level shows why.
Mission Objective
Inject a script to pop up a JavaScript alert() in the application.
Payload :- ?timer=')%3Balert('done')%3Bvar b=('
Hint :- 1. Take a look at how the startTimer function is called.
2. When browsers parse tag attributes, they HTML-decode their values first. <foo bar='z'> is the same as <foo bar='&#x7a;'>
3. Try entering a single quote (') and watch the error console.
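Why HTML escaping alone fails in this context, as an added example that is not the game's code. It assumes the timer value lands inside `onload="startTimer('...');"` (the template shape is inferred from the hints), and compares HTML-only escaping with JavaScript-string escaping followed by HTML escaping.

```javascript
// Added example: the template shape is assumed from the hints, not copied from the game.
const HTML_ENTITIES = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };
const escapeHtml = (s) => s.replace(/[&<>"']/g, (c) => HTML_ENTITIES[c]);

// Escape for a JavaScript string literal: every UTF-16 code unit outside
// [A-Za-z0-9] becomes \uXXXX, so no quote, backslash or newline survives.
const escapeJsString = (s) =>
  s.replace(/[^A-Za-z0-9]/g, (c) => "\\u" + c.charCodeAt(0).toString(16).padStart(4, "0"));

// What the browser does before running the handler: HTML-decode the attribute.
// Only the entities produced by escapeHtml are handled; &amp; is decoded last.
function decodeAttr(v) {
  return v
    .replace(/&#(\d+);/g, (_, d) => String.fromCharCode(Number(d)))
    .replace(/&quot;/g, '"').replace(/&lt;/g, "<").replace(/&gt;/g, ">")
    .replace(/&amp;/g, "&");
}

// Insufficient: HTML escaping only. Layered: JS-string escaping, then HTML escaping.
const renderHtmlOnly = (t) => `<img onload="startTimer('${escapeHtml(t)}');">`;
const renderLayered = (t) => `<img onload="startTimer('${escapeHtml(escapeJsString(t))}');">`;

// Recover the handler as the JS engine sees it and check that it is still
// exactly one call with one string-literal argument.
function handlerIsSingleCall(markup) {
  const js = decodeAttr(markup.match(/onload="([^"]*)"/)[1]);
  return /^startTimer\('(?:[^'\\\n]|\\.)*'\);$/.test(js);
}

// The Level 4 payload from this page, after URL decoding of the timer parameter.
const level4Payload = "');alert('done');var b=('";

console.log("html-only, benign:", handlerIsSingleCall(renderHtmlOnly("3")));
console.log("html-only, payload:", handlerIsSingleCall(renderHtmlOnly(level4Payload)));
console.log("layered, payload:", handlerIsSingleCall(renderLayered(level4Payload)));
```

For a value that should be a number of seconds, parsing it as an integer on the server and rejecting anything else is simpler still.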
Level 5: Breaking protocol
Mission Description
Cross-site scripting isn't just about correctly escaping data. Sometimes, attackers can do bad things even without injecting new elements into the DOM.
Mission Objective
Inject a script to pop up an alert() in the context of the application.
Payload :- signup?next=javascript:alert('KumarAtulJaiswal')
Hint :- 1. The title of this level is a hint.
2. It is useful to look at the source of the signup frame and see how the URL parameter is used.
3. If you want to make clicking a link execute Javascript (without using the onclick handler), how can you do it?
4. If you're really stuck, take a look at this IETF draft
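One way to close this hole on the server or in the page script, as an added example that is not the game's code: validate the `next` parameter before it is written into a link. The origin `https://app.example` and the function name are assumptions for illustration.

```javascript
// Added example: the origin and function name are assumptions for illustration.
const APP_ORIGIN = "https://app.example";
const ALLOWED_SCHEMES = ["http:", "https:"];

// Resolve the untrusted `next` value the way a browser resolves an href, then
// allow it only if it uses an allowed scheme and stays on the app's own origin.
// The WHATWG URL parser normalises scheme case and surrounding whitespace,
// so the comparison is made on the same form the browser would act on.
function safeNextUrl(next, fallback = "/") {
  let url;
  try {
    url = new URL(next, APP_ORIGIN + "/signup");
  } catch {
    return fallback; // unparseable input never reaches the href
  }
  if (!ALLOWED_SCHEMES.includes(url.protocol)) return fallback;
  if (url.origin !== APP_ORIGIN) return fallback; // also blocks open redirects
  return url.pathname + url.search + url.hash;
}

// Constructed sample inputs; the first is the Level 5 payload value from this page.
const samples = [
  "javascript:alert('KumarAtulJaiswal')",
  "confirm",
  "/welcome?step=2",
  "https://other.example/landing",
];
for (const s of samples) {
  console.log(JSON.stringify(s), "->", safeNextUrl(s));
}
```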
- Hacking Truth by Kumar Atul Jaiswal