If you have been hanging around the Internet as much as you should have (to be a hacker, at least), you would have at least heard of this term. This allows the attacker’s input to be sent to unwary victims.
The primary use is cookie stealing - and no, not the type your sadistic older sibling does. Once the attacker steals yours, they can log into the site the cookie is stolen from using your identity and under the right conditions.
This vulnerability can be determined using the site’s search facility. Try feeding it with some HTML, such as “<font color=green>XSS</font>”. If the word XSS comes up, then the site is vulnerable. Else, you need to find a different way in.
No comments:
Post a Comment