
One Danger of XSS: Stealing Your Account Information

Warm greetings to all friends,
This time I want to share my experience of how XSS can be conducted in Internet Explorer 9 & Mozilla Firefox 4.0.1. What is the difference between the two:

    * Internet Explorer 9 has an anti-XSS library that shows a pop-up warning to protect against XSS activity.
    * Mozilla Firefox does not have an anti-XSS library.

Okay, let us analyze how XSS can be done.
First: Internet Explorer 9

   1. By default, Internet Explorer 9 will protect against anything that looks like script, usually code beginning with ">
   2. In order to do XSS, we have to disable the Anti-XSS Library by setting the XSS Filter to "Disable".
   3. After the "Disable", the XSS attack can be done in Internet Explorer.

Second: Mozilla Firefox 4.0.1

   1. Mozilla Firefox does not have an Anti-XSS Library, so by default XSS can be performed directly.
   2. However, an XSS filter is provided by some plug-ins (please look for them yourself).

Okay, let's try out how powerful XSS (Cross-Site Scripting) is.
I will just use Mozilla Firefox 4.0.1.
Many ask: what is so great about XSS, and what are its dangers anyway?
Those who do not know and have not experimented will definitely say:

    * What's so great about it anyway, it's only writing in the URL
    * That kind of thing is no good
    * XSS can't be used to deface pages
    * It's only a change of address

I just smile when I hear discussions like this.
Well, of the many dangers of XSS, let us take one of them: "stealing accounts on a vulnerable website". (Please use this as learning material and for self-protection only; this article is only for adding insight.)
In this case I use XSS combined with the human vulnerability; as everyone must know, man is the unpatched vulnerability.
The scenario is:

   1. We find a vulnerable website on which XSS can be done.
   2. We create a script that can be used to register / log in, and a script file (php) that can be used to retrieve the account information and store it in logs.
   3. We distribute the link through email / messenger / chatbox / IRC, etc.
   4. We wait, and we get it.

The steps are:
First

    * I use the XSS-vulnerable website www.eset.com.mx. ESET Antivirus is one of the companies that is very famous around the world, but its website has weaknesses as well.
    * Test whether XSS can run on the website, as in the following example: http://www.eset.com.mx/xtrasappz/evalform/index.php?t=emav&promocode =% 22% 3E% 3E% 3Cfo 3Ccenter% nt% 20size = % 22 300% 22% 3EBinus% 20Hacker% 20Disin 20Ada% i% 3Cbr% 3Ehttp: / / www.binushacker.net% 3C/font% 3E% 3E% 3C% 3C/center /
    * Test for cookies (there were some); since this article is not about stealing cookies, we skip that.
    * Okay, the website has been confirmed vulnerable.
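
What the test above shows is a parameter being echoed into the page without output encoding. The following is an added example, not code from the original article or from the site: it renders a reflected promocode value once verbatim and once HTML-encoded, then parses both pages to see which markup a browser would actually build. The form template, the shop.example host and the sample value are constructed, and echoing into a value attribute is an assumption based on the "> prefix of the test string.

```python
# Added example: a reflected parameter rendered unsafely vs. with output encoding.
# The form markup is hypothetical; only the parameter name comes from the article.
from html import escape
from html.parser import HTMLParser
from urllib.parse import parse_qs, urlsplit

# Constructed sample request: a harmless markup-injection probe in `promocode`.
SAMPLE_URL = ("http://shop.example/evalform/index.php?t=emav"
              "&promocode=%22%3E%3Ccenter%3Econstructed%20marker%3C%2Fcenter%3E")
TEMPLATE = '<form><input type="text" name="promocode" value="{value}"></form>'

def render_vulnerable(promocode: str) -> str:
    """Echo the parameter verbatim: a double quote ends the attribute early."""
    return TEMPLATE.format(value=promocode)

def render_hardened(promocode: str) -> str:
    """Encode & < > " ' so the value cannot leave the attribute context."""
    return TEMPLATE.format(value=escape(promocode, quote=True))

class _Audit(HTMLParser):
    """Collect every start tag and the value seen in the input field."""

    def __init__(self):
        super().__init__()
        self.tags, self.field_value = [], None

    def handle_starttag(self, tag, attrs):
        self.tags.append(tag)
        if tag == "input":
            self.field_value = dict(attrs).get("value")

def audit(page: str):
    """Return (start tags found, decoded value of the promocode field)."""
    parser = _Audit()
    parser.feed(page)
    parser.close()
    return parser.tags, parser.field_value

def promocode_from(url: str) -> str:
    """Extract and URL-decode the reflected parameter from a request URL."""
    return parse_qs(urlsplit(url).query).get("promocode", [""])[0]

if __name__ == "__main__":
    value = promocode_from(SAMPLE_URL)
    for render in (render_vulnerable, render_hardened):
        print(render.__name__, audit(render(value)))
```

In the verbatim rendering the field ends up empty and an extra center element appears in the page; in the encoded rendering the only tags are form and input, and the field holds the submitted text unchanged.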

Second

    * I had a lot of ideas in mind, choosing between the login & register pages.
    * Finally, I re-coded the page, making a copy of the ESET register page.
    * Then I made a php file to receive the results & store them in a log, as in the following:
    * The fake register page I made earlier is stored at: http://restinpeace.biz/eset/, with file permissions already set so that the files cannot be read, only the directory can be seen. Hehe..

Third

    * Here we will use the html code