Saturday, May 20, 2017
Check whether a site is XSS vulnerable or not
Check whether a site is XSS vulnerable or not
XSS is a method to hack sites which most of the newbie programmers dont know. Here is a quick way to identify if a site is vulnerable to it. Go to a site which offers searching or other GET parameters which are outputted in the sites page.
Instead of the value in one of the GET parameter use the following value :
This trick can be also used in POST type parameter by injecting the code mentioned to the input field.
Instead of the value in one of the GET parameter use the following value :
<h1>XSS Vulnerability checker by Subin Siby<h1><script>alert(Site is XSS Vulnerable)</script>For example a site with the GET parameter query with value subins and the url will be :
http://subins.com/search.php?query=subinsFor such a site you have to replace the parameter value with this:
<h1>XSS Vulnerability checker by Subin Siby<h1><script>alert(Site is XSS Vulnerable)</script>If the site outputs the GET type parameter then you will get a javascript alert. The alert means that the site is vulnerable to XSS.
This trick can be also used in POST type parameter by injecting the code mentioned to the input field.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment