Prepared by: Usama Hassan
Submitted to: Hassan Chishti
Assignment Type: XSS Report
Tool Used: Manual Testing
Date of Submission: 11 September 2025
XSS (Cross-Site Scripting): Cross-Site Scripting is an attack against web applications in which the attacker injects their own payload (malicious code) into a page served by the application. The injected script becomes part of the page's HTML / JavaScript as rendered in the victim's browser, where it executes and carries out the attack. There are 3 types of XSS attacks:
- DOM Based XSS: Document Object Model XSS is an attack in which malicious JavaScript is injected through the site's URL or a user-input field and is written into the page by the site's own client-side code, without the server necessarily echoing it.
- Reflected XSS: Reflected XSS is an attack in which the malicious script is injected through an input of the web application, such as a comment box, a login form, or any other input field, and is reflected straight back in the response to that request.
- Stored XSS: Stored XSS works like reflected XSS, the difference being that the payload is stored by the web application and is executed every time the affected page is loaded, performing the malicious action on the site each time.
Demonstration Steps:
Step 1:
We will start with the DVWA web application, which is running on Metasploitable2.
- We first open the site by browsing to the Metasploitable2 IP address with /dvwa appended.
- It asks for login credentials. Enter the credentials and log in to the web application.
- Set the security level to medium and go to the XSS Reflected section.
Reflected XSS
Step 2:
- Now enter any name and check the page source to see how that name is displayed.
- We can see that the name we entered is shown inside a <pre> tag.
If we submit a script tag, it will be placed into that same HTML and reflected on the screen, so whatever we supply becomes part of the page.
Step 3:
- Use the script tag and try to trigger an alert to see how the application responds.
- <script>alert("This page has been Hacked")</script>
You can see that the script tag has been filtered out of the code. This means some sanitization has been implemented and the security setting is not allowing our code to execute.
Step 4:
- Now, we will use the same script with a small alteration.
- <Script>alert("You have been hacked")</Script>
Two of our payloads have now failed, so we will try a different technique, since the script tag is being stripped from the code.
Step 5:
- Now, we will first close the script tag and then use a nested script tag.
- </script><sc<script>ript>alert(123)</script>
- And you can see that the alert popped up, so our code executed.
So, if we can bypass the filter's logic we can insert our script into the web application.
XSS Stored:
Step 6:
- Now, move to the XSS Stored section, still at the medium security level.
Step 7:
- Now we will use the same script in the message box to see the reaction.
- <script>alert(123)</script>
- This script was stripped out and did not execute.
You can see clearly in this page's source that it sanitizes and filters out the script tags and replaces them with an empty string.
Step 8:
- Now, we will use the same script but with a capitalized or camel-cased tag name to get past the filter.
- This time we will put it in the name field, after manually increasing the field's maximum character length from the browser's inspect tool.
- <Script>alert(123);</Script>
And you can clearly see that it has bypassed the filter by changing the case of the tag name. This means the developer's filter is case-sensitive and does not match capitalized tags. An attacker who can store a script in the web application this way can run it in every visitor's browser and use it to steal sensitive data.