Cross Site scripting is one of the problem that has plagued a lot of websites. According to WhiteHat Security Top Ten more than 50% of the websites are vulnerable to cross site scripting. As a web developer, it is important to understand what is cross site scripting and how can we safeguard our site from such attacks.
TextBox (input controls)
Retrieved data from an external or shared source
Now let us see some very rudimentary example of cross site scripting and then we will try to see what ASP.NET provides to prevent cross site scripting. We will also look at the best practices that needs to be followed in order to make our website safe from cross site scripting attacks.
Google Dorks :
Basic Codes That Can Use
or your Deface Page Script can do its better i think..
<font color="Red">Your Message<font size="7">
LoL not working lets try Bypassing Querys
If there's no pop up box
try using this Codes with bypass
So Its blocked!! Lets move to other XSS attack!!
Some bYpassing Query's
There are something more just search it..
Defacing Code XSS
There are few ways which can be used to deface a site when you find a XSS vulnerability.
1) Makes A Picture Pop-Up:
2) Replace The Content Of The Page By An Image: (TROLLED Face Gif)
Ill get an image first...ill use my Defacepage Photo its working Nice with that trolled face
3)Redirect To A Website
its not working... Too bad Anyway its done.
LIVE TARGET :
XSS Vulnerable Scanner Online :
Try other browser like Google Chrome or Mozilla firefox i think it PoP UP a Box with a message
This video is Requested by
Indo Bros Thanks Have Fun!!