Member Avatar for kryptolite

Hello, I am not sure this is the right place to ask or not but I find it the most relevant compared to any other subforums.

I have this assignment to demonstrate simple XSS (cross site scripting). I have to craft an URL that would display a webpage, but some of its content has to be modified. I can't redirect it to a copy of that web page that has been modified, it has to link to the given website.

I have been looking for information in the past 90 minutes but none of the pages I found describes how to do this, they often talk about the more complex version of XSS

Anyone familiar with this?

  • 2 Contributors
  • 1 Reply
  • 79 Views
  • 11 Hours Discussion Span
  • Latest Post Latest Post by digital-ether
Member Avatar for digital-ether

Hello, I am not sure this is the right place to ask or not but I find it the most relevant compared to any other subforums.

I have this assignment to demonstrate simple XSS (cross site scripting). I have to craft an URL that would display a webpage, but some of its content has to be modified. I can't redirect it to a copy of that web page that has been modified, it has to link to the given website.

I have been looking for information in the past 90 minutes but none of the pages I found describes how to do this, they often talk about the more complex version of XSS

Anyone familiar with this?

You need to first create a webpage with an XSS vulnerability. This is any dynamic website that displays input from HTTP as is.

eg in PHP:

<?php 


echo $_GET['xss_me_please'];

?>

Now in your url you just pass anything to xss_me_please...

eg:

http://example.com/page.php?xss_me_please=this_is_xss<script>alert('hi');</script>

Its up to you to get creative with it and demonstrate something more realistic.

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.