Notice the search function and perform a DOM Based XSS or “Client Side XSS” attack to see if it is vulnerable.
First, we perform a standard search.
Copy to Clipboard
From our standard search, we notice that the search query parameter (query string) is:
q=
Let’s craft our Client Side XSS attack using the search query parameter and the JavaScript code included from the Score Board page.
Copy to Clipboard
Technical Communicator at CyberTutorials.org at CyberTutorials.org
I have many years of experience as a criminal investigator, evidence custodian, IT administrator, and as an information security specialist.
I've performed dozens of digital forensic examinations on cases involving criminal matters such as murder, domestic terrorism, sexual assault, child exploitation, CSAM, CSEC, illegal wiretapping, bomb threats, kidnapping, military, corporate, and casework from alphabet agencies such as the FBI and DEA.
I've performed dozens of digital forensic examinations on cases involving criminal matters such as murder, domestic terrorism, sexual assault, child exploitation, CSAM, CSEC, illegal wiretapping, bomb threats, kidnapping, military, corporate, and casework from alphabet agencies such as the FBI and DEA.
Latest posts by Jesse Shelley (see all)
- Symmetric Encryption –Bidirectional Python Socket - April 27, 2022
- Python Socket Programming – Simple Bidirectional Communication - April 27, 2022
- Python wpnuker a collection of WordPress Pentesting Tools - April 19, 2022
Leave A Comment