Web Hacking Tips
  • Web App Hacking Tips & Tricks
  • Weekly Tips
    • Week 1 - XSS Filter Evasion
    • Week 2 - CSRF Token Bypass
    • Week 3 - CORS Exploitation
    • Week 4 - Finding XSS
    • Week 5 - CSRF Explanation
    • Week 6 - XSS Types
    • Week 7 - Advanced SQLMap
    • Week 8 - Stealing HttpOnly Cookies from PHPINFO
    • Week 9 - SQLMap Tamper Scripts
    • Week 10 - XSS Obfuscated Payloads
    • Week 11 - XS-Search: Cross-Origin Enumeration
    • Week 12 - Subdomain Takeovers
    • Week 13 - XSS Keylogger
    • Week 14 - Algolia API Keys
    • Week 15 - GraphQL Introspection
    • Week 16 - Naming BurpSuite Repeater Tabs
    • Week 17 - GoBuster Tips
    • Week 18 - Burp Request to Python Script
    • Week 19 - Customizing Nikto Scans
    • Week 20 - Google Phishing Page
    • Week 21 - Google BITB
    • Week 22 - XSS Through SVG File
    • Week 23 - FoxyProxy Extension
    • Week 24 - CSP Bypasses
    • Week 25 - Pilfering LocalStorage with XSS
    • Week 26 - Cloud SSRF
    • Week 27 - Blind XSS
    • Week 28 - Firebase Misconfigurations
    • Week 29 - XSS to CSRF
  • Week 30 - SQLMap Debugging
  • Week 31 - WayBack Machine
  • Week 32 - O365 BITB
  • Week 33 - Burp Intruder Attacks
  • Week 34 - GraphQL Bruteforcing
  • Week 35 - User Accounts
  • Week 36 - CVE Submission
  • Week 37 - Second Order SQLi
  • Week 38 - Out of Band SQLi
  • Week 39 - Broken Link Hijacking
  • Week 40 - JWT Testing
  • Week 41 - BURP ATOR
  • Week 42 - ProxyChains
  • Week 43 - CSS Keylogging
  • Week 44 - SVG SSRF
  • Week 45 - Request Smuggling
  • Week 46 - XSS Payloads
  • Week 47 - DNS Re-binding
  • Week 48 - SSRF Bypass
  • Week 49 - File Upload Bypass
  • Week 50 - CRLF Injection
  • Week 51 - HTML to PDF
  • Week 52 - Parameter Pollution
  • Week 53 - Pre-Account Takeover
  • Week 54 - Race Conditions
  • Week 55 - SQLi to RCE
  • Week 56 - Cloud SSRF PrivEsc
  • Week 57 - Response Queue Poisoning
  • Week 58 - Directory Traversal
  • Week 59 - File Upload -> CSRF
  • Week 60 - Modern CSRF Attacks
Powered by GitBook
  1. Weekly Tips

Week 6 - XSS Types

PreviousWeek 5 - CSRF ExplanationNextWeek 7 - Advanced SQLMap

Last updated 2 years ago

Types of Cross Site Scripting

I have a little something to make your day better: a summary of the types of Cross-Site Scripting! Reflected XSS: Occurs when an attacker can inject JavaScript code into the GET/POST parameters of an HTTP Request, which will then be rendered (by the server) within the page’s source code. To use this maliciously an attacker must trick a user into running the specific payload within the vulnerable parameter (Example: localhost/index.php?vulnerable=”><script>alert(1)</script>) Stored XSS: When an attacker’s JavaScript payload is stored within the server or database (Example: submitting a comment on an Amazon product). Then, when this payload is called by the server and placed on the page, it executes as JavaScript. This is the most severe form of , since the payload will run every time the page is loaded, meaning an attacker will not have to trick a user into loading a specific request with the vulnerable parameter. The server takes care of it for us. DOM-Based XSS: Occurs when an attacker’s JavaScript payload never reaches the server and is instead included within an application’s source code by existing JavaScript on the page. Usually, vulnerable JavaScript within a website will pull our payload from a GET parameter or hash (localhost/index.php#this-is-a-hash) and place it directly onto the Document Object Model, where it is then executed. Self XSS: A user is tricked into copying and pasting the attacker’s payload into their browser’s developer console. This is commonly used by scammers and requires an unknowing user’s full compliance.

#XSS
Page cover image
SRC:
https://www.researchgate.net/figure/Example-code-and-XSS-attacks_tbl1_232644887