websites can be hacked by many ways!!
a most famous way is XSS (CROSS SITE SCRIPTING )
here
im {Anonymous Ihackyou749} going to exaplain what is xss??
****what is cross site scripting XSS and types of cross site scripting XSS **
If you want to find Cross sitescripting XSS so you have to learn following prerequisite
Basic Knowledge in Hypertext markup language (HTML)
Strong Knowledge of JavaScript
Basic knowledge of HTTP client server Architecure
Basic knowledge of (PHP, ASP.NET)
What is cross site scripting XSS?
Cross site scripting XSS is one of the common website security flaws that allow a Hacker | Attacker to run his client side scripts like JavaScript’s payload into website that is viewed by others. with the cross site scripting bug may be hacker bypass access control .if hacker successfully exploit cross site scripting XSS so then hacker easily do steal account, phishing attack and many more. In simple word with the help of cross site scripting XSS hacker inject his malicious JavaScript payload into website then a user visit the website link then it will execute the malicious JavaScript payload.
Types of Cross site scripting XSS:
There are two types of Cross site scripting XSS
1. Persistent XSS ( Stored XSS)
2. Non persistent XSS ( Reflective XSS)
noman ramzan cross site scripting
Persistent Cross site scripting XSS:
The persistent XSS also known as stored XSS. As shown with the name of stored XSS and this Cross site scripting XSS stored somewhere. When attacker used Cross site scripting XSS malicious code inject into the website and then this payload saved by the server in the database and then is will run in the normal link of website.
Example of persistent XSS
There are so many website which support the forum and where the user register and ask a question like answer.yahoo.com. if the Hacker post a message with the malicious JavaScript payload then if the server fail to sanitize the payload and then code execute easily. So whenever user read to this post and open a link then inject code cookie stealing of a user and then hacker easily bypass his account.
NON persistent Cross site scripting XSS:
Non persistent also known as reflected XSS. This is very common vulnerability discover by security Researchers. And this is find in the search filed like search, contact page and subscribe email. in this attack hacker inject payload will send to the server with the request of HTTPrequest and then server embed with html file and then return HTTPresponse to the browser. When the browser execute the file and then it’s also execute
the scripts. so it’s a reflective XSS.
DOM based Cross site scripting XSS:
In the addition to these types DOM based XSS also third type of cross site scripting XSS. This is very important part of XSS. Most of the big website like Microsoft, PayPal, Nokia, eBay and many more website. Later on I will explain more about DOM based XS...
For More info Hit Max like & stay tuned with us...
Like ✔ Comment ✔ Share ✔ Anonymous Ihackyou749 ✔
Mag-post ng isang Komento