Member-only story

TryHackme — Cross-Site Scripting

Malicious Script Injection

Mukilan Baskaran
InfoSec Write-ups
3 min readJan 3, 2022

--

Non members get free access link

Welcome back amazing hackers with the prosperous new year 2022. I came up with a cool blog on the interesting topic of cross-site scripting.

One of the security vulnerabilities found on the web application. Attackers use these malicious scripts and must be executed into the victim machine.

Types involve in cross-site site scripting are :

  1. Stored XSS
  2. Reflected XSS
  3. DOM XSS

Cross-Site Scripting can do many things like :

  1. Cookies-Stealing — Using cross-site scripting which can steal cookies from the unauthenticated sessions.
  2. Keylogging — Using cross-site which makes for capturing keystrokes.
  3. Web-Cam Snapping — Taking snapshots from compromised machine
  4. Phishing — Attackers insert fake login forms in a legit website or redirect into a malicious website.
  5. Port-Scanning — It is used for scanning the internal networks and identifying lists of hosts present in a network.
  6. Other-browser exploits

Stored XSS:

--

--

Published in InfoSec Write-ups

A collection of write-ups from the best hackers in the world on topics ranging from bug bounties and CTFs to vulnhub machines, hardware challenges and real life encounters. Subscribe to our weekly newsletter for the coolest infosec updates: https://weekly.infosecwriteups.com/

No responses yet

What are your thoughts?