Tag: application security

XSS Session Hijacking Part II

In Part I of this series, we learned how to create two modern cookie stealers for stealthily carrying out session hijacking attacks. Although highly effective in many cases, both cookie stealers were useless against websites that employ HttpOnly session cookies. In this tutorial, we’re not going to focus on stealing sessions. Instead, we’re going to learn how to log keystrokes in real time using WebSockets, as well as how to map keystrokes to specific DOM elements.

Reflected XSS Through iFrame

Imagine we are targeting an instance of Damn Vulnerable Web App on an enterprise network. In this totally realistic scenario, there is also an instance of Web Cal running on the same network. The Web Cal instance is vulnerable to clickjacking. To gain access to DVWA, we can create a malicious web page that masquerades as the Web Cal instance using an iframe. We could then place a second iframe into the page that executes a reflected XSS attack against the target DVWA instance on page load. Finally, we could use social engineering to trick a user into navigating to our fake Web Cal page, and by doing so steal the user’s DVWA session.
