0

Hello, I am not sure this is the right place to ask or not but I find it the most relevant compared to any other subforums.

I have this assignment to demonstrate simple XSS (cross site scripting). I have to craft an URL that would display a webpage, but some of its content has to be modified. I can't redirect it to a copy of that web page that has been modified, it has to link to the given website.

I have been looking for information in the past 90 minutes but none of the pages I found describes how to do this, they often talk about the more complex version of XSS

Anyone familiar with this?

2
Contributors
1
Reply
2
Views
8 Years
Discussion Span
Last Post by digital-ether
0

Hello, I am not sure this is the right place to ask or not but I find it the most relevant compared to any other subforums.

I have this assignment to demonstrate simple XSS (cross site scripting). I have to craft an URL that would display a webpage, but some of its content has to be modified. I can't redirect it to a copy of that web page that has been modified, it has to link to the given website.

I have been looking for information in the past 90 minutes but none of the pages I found describes how to do this, they often talk about the more complex version of XSS

Anyone familiar with this?

You need to first create a webpage with an XSS vulnerability. This is any dynamic website that displays input from HTTP as is.

eg in PHP:

<?php 


echo $_GET['xss_me_please'];

?>

Now in your url you just pass anything to xss_me_please...

eg:

http://example.com/page.php?xss_me_please=this_is_xss<script>alert('hi');</script>

Its up to you to get creative with it and demonstrate something more realistic.

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.