What I do?

I am an Information Risk Consultant and Penetration Tester. I specialize mostly in penetrating secure networks and computer systems, simulating an organized professional attack against your organization, after which a detailed report summarizing the weaknesses and exploited vectors is delivered. This will help you gain control over your infrastructure's security and maximize your protection.

Friday, June 22, 2007

AN ATTACK WITH CROSS SITE SCRIPTING

CROSS SITE SCRIPTING ATTACKS


Well, this is a simple example of an XSS-vulnerable site. It displays my cookie when I run document.cookie. If you know what I mean by cookies, then you will understand that you can edit cookies too. Let's explain more on this below. Note, no beef with the site owners, just an example.

For some months I have been studying more on Cross Site Scripting (XSS) and I think I need to post this. I posted a zero-day XSS scanner some time last week; if you didn't get a glimpse of it, I can always do that later.


ABOUT THE SCANNER


- Well, that scanner should get you going when looking for targets you want to work on this weekend. Using Google queries is always the best way to hack with; we always say Google is the best teacher and the best hack tool ever exposed to the public, and that is more than 60% accurate.

I'm not the author of the code; it was done by a good friend. I spend time with Google, so I don't need code to pick out XSS-vulnerable sites.

Anyway, for starters, it's good to know how to use tools before you go all blackhat and start picking targets with Google or mouse pointers, hehehe.......... I'm blackhat, I do a lot of underground stuff, read the manifesto, but they will never get near me, since I leave no trace.

THE SCANNING PHOTOS

Let me upload some photos of what the scanner can do.

So we are going to discuss the following:

a) Cookie Stealing
b) JavaScript Injection
c) XSS in general and how to apply the attack

What Is a Cookie?

A cookie is a sensitive piece of data. You see, once you go to a site and sign up, a cookie is set to remember you. A cookie just holds data that the site can check that you have, to see if you've been there before; if you have, it checks whether the user and password are correct and then logs you in. Picture that you're at a night club: you buy a ticket and they give you a wristband, so you can go in and out (so you don't have to rebuy a ticket). Cookies go much further than that, as you can see. Night clubs remember you for one night. Cookies can remember you forever.

Alerting & Spoofing

So you know what a cookie is... now how do you see them? Actually, cookie editing is one of the simplest methods. You see, as long as you have a browser you can view and edit cookies, just with basic JavaScript (JS) skills. Load up your browser and go to the site... log in... now type javascript:alert(document.cookie) and you should see a user and password (which is yours). If you don't, that's OK! Most sites nowadays don't use cookies... but use sessions... Sorry, sessions can't be edited (they can), but not like cookies; once you edit a cookie you can spoof yourself (username and password). Now let's begin to spoof... OK, say you alerted the cookie and saw something like this...

strusername=Chuks;strpassword=danger

Now say you know 'kenya' is an admin and you don't know his password... due to weak security you don't need a password: javascript:void(document.cookie="strusername=kenya"). Now type javascript:alert(document.cookie)!!! Heh, welcome kenya. That's pretty much all there is to cookie editing. Do more research on that, I ain't doing it for you.

What Is XSS?

XSS, or CSS, whichever you prefer to call it: XSS (CSS) stands for Cross Site Scripting. Basically, that means you inject script of any kind to make it do whatever you want... What you inject will determine the outcome. With XSS you can also steal input, such as user names, passwords and cookies. This will all be discussed, as will many examples, and this article should help you get creative with XSS.

With XSS you can execute any type of script on the client and the server. XSS isn't just executing script, but also stealing input. You set up XSS to grab the input and post it on your site in a secret file! This isn't all that XSS can do. XSS can also steal cookies. Cookies hold valuable information such as users / passwords etc...
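As an added example (my code, not from the original post), here are the two weaknesses the cookie-editing section and the XSS section above rely on, each beside its defensive fix: a page that reflects script into its HTML, and a site that reads the logged-in user straight out of the cookie. Every function name, the sid value and the sample payload are hypothetical/constructed.

```javascript
// Added example, not from the original post; names and values are hypothetical.
// 1) Reflected XSS sink. Encode the HTML-significant characters so input
//    is shown as text instead of being parsed as markup.
function escapeHtml(s) {
  const map = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };
  return String(s).replace(/[&<>"']/g, (c) => map[c]);
}

// Vulnerable: raw query lands in the page, so a <script> tag executes.
function renderSearchVulnerable(query) {
  return `<p>You searched for: ${query}</p>`;
}

// Fixed: same page, but the query is HTML-encoded before insertion.
function renderSearchFixed(query) {
  return `<p>You searched for: ${escapeHtml(query)}</p>`;
}

// 2) Who the cookie says you are.
function parseCookies(header) {
  const out = {};
  for (const part of (header || "").split(";")) {
    const i = part.indexOf("=");
    if (i > 0) out[part.slice(0, i).trim()] = part.slice(i + 1).trim();
  }
  return out;
}

// Vulnerable: the "strusername=kenya" trick works because the server
// believes whatever name the cookie carries.
function whoAmIVulnerable(cookieHeader) {
  return parseCookies(cookieHeader).strusername || null;
}

// Fixed: the cookie carries only an opaque id; identity lives in a
// server-side store, so editing the cookie text yields nobody.
function whoAmIFixed(cookieHeader, sessionStore) {
  const sid = parseCookies(cookieHeader).sid;
  return sessionStore.has(sid) ? sessionStore.get(sid) : null;
}

// Set-Cookie header for that id: HttpOnly keeps it out of document.cookie,
// so injected script cannot read it; Secure and SameSite limit where it is sent.
function sessionSetCookie(sid) {
  return `sid=${sid}; Path=/; HttpOnly; Secure; SameSite=Strict`;
}

const SAMPLE_PAYLOAD = "<script>alert(document.cookie)</script>"; // constructed
const SESSIONS = new Map([["a1b2c3d4e5f6", "Chuks"]]); // constructed; server-issued only
```

With the fixed pair, alerting document.cookie shows nothing useful and rewriting it changes nothing on the server, which is the check a defender wants against both tricks described above.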

So there was this question: the output file that the stealer script picks up and pastes at the evil server with the cookies, could there be a Google dork that can help search for these outputs? Good question, right? Hehehehe..............



Cross site scripting seems to be the future of web attacks, and new techniques develop every day. Good read. I will edit more later, since this was written in a hurry and I haven't explained more on the attack, so hold on; at least I did an introduction.

/Chuks

2 comments:

lisa said...

Nice info you got there, keep it up.

Chuks said...

Always at your service Madam President.