Week 4 - Finding XSS

Finding XSS Vulnerabilities

It’s officially week 4 of the Web App hacking series! Today’s tip involves finding Cross-Site Scripting (XSS) vulnerabilities. Many popular automated scanners inject payloads similar to "><script>alert("XSS")</script> throughout the application. This will turn up some low-hanging fruit but will sometimes miss stored XSS vulns. Applications often block common payloads containing <script> tags, so the JavaScript never makes it to the front end to be executed, and you’ll never know the target field is vulnerable. I always recommend placing harmless marker payloads like "><b>testing</b> or "><input>test<input> throughout the application, since they are rarely blocked by WAFs. This way, if the application reflects or stores the input without encoding it, you will see either bolded text (<b>) or an input box (<input>) where it is rendered. Then you can locate the vulnerable field and enter more obfuscated payloads.
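As an added example (not part of the original post), here is a small Python check for the benign <b> marker described above: it renders a constructed reflective template both without and with HTML attribute encoding, then parses the result to see whether "testing" came back as a real <b> element rather than as escaped text. The names render_vulnerable, render_fixed and marker_rendered_as_element are mine for this illustration, not from any real application.

```python
import html
from html.parser import HTMLParser

# The harmless marker probe from the post: a <b> element instead of a <script> payload.
PROBE = '"><b>testing</b>'


class _MarkerFinder(HTMLParser):
    """Records whether a real <b>-style element wrapping the marker text was parsed."""

    def __init__(self, marker_tag, marker_text):
        super().__init__()
        self.marker_tag = marker_tag
        self.marker_text = marker_text
        self._in_marker = False
        self.found = False

    def handle_starttag(self, tag, attrs):
        if tag == self.marker_tag:
            self._in_marker = True

    def handle_data(self, data):
        # Only text that sits inside the marker element counts; escaped text does not.
        if self._in_marker and data.strip() == self.marker_text:
            self.found = True

    def handle_endtag(self, tag):
        if tag == self.marker_tag:
            self._in_marker = False


def marker_rendered_as_element(body, marker_tag="b", marker_text="testing"):
    """True if the probe survived as markup, i.e. the field reflects unencoded input."""
    finder = _MarkerFinder(marker_tag, marker_text)
    finder.feed(body)
    return finder.found


def render_vulnerable(user_input):
    """Constructed 'before': user input is concatenated into an attribute unencoded."""
    return f'<input name="q" value="{user_input}">'


def render_fixed(user_input):
    """Constructed 'after': the same template with attribute encoding applied."""
    return f'<input name="q" value="{html.escape(user_input, quote=True)}">'
```

The encoded version keeps the quote and angle brackets inside the attribute value, so the parser sees one <input> and no <b>, which is exactly why the marker never shows up as bold text on a correctly encoding page.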