Our social:

How to find and defect xss vulnerable website ?

Hello friends...!! Welcome to HackHackers...!!

In this article we are going to learn how you can find XSS vulnerable  website and how you can defect it . Before moving forward You can also read my previous article that is about what is cross site scripting attack in this article i explained some basics about XSS attacks and i also cover some topics like How to find XSS vulnerable  site and how to do XSS attacks ? , i will move forward in this article and i will tell you in very easy step . I don't want to edit my previous article because it is very good ( I think ) . Now i am skip this boring part and Start How you can find a XSS vulnerable  site and easily Hack it .






Now to do XSS attacks you need a website .. i mean don't your website but someone else's website to do your XSS attacks .. am i right ?

Now in this Security world Everyone is not fool . Everyone loves their security and for this reason Most of sites that are available on internet is not accepting XSS attacks ?  Now what to do ? How to fond XSS vulnerable website ? 


It is pretty simple..!! you have to do almost nothing . now , you have a question that how it is easy ? i will explain . you don't have to do so much hard work to find xss  vulnerable website . for example , you are visiting a website suppose it is hackhackers.com now you want to check is this site is excepting XSS attacks ? So for checking that is any respected website is excepting a XSS attacks you have to just submit attack characters in search box : <> " ; ()

After you submit this character view the server answer .you can check it by right click on RESULT and doing inspect element . and if it will show RESULT FOR <> " ; () then it is good news . it means Server is not filtered all the characters that i entered , so we can easily tell that this site is excepting  vulnerable to XSS.

Next step is to submit java script code. Enter following code in search box.

<script>alert(1)</script>
<script>prompt(/xss/)</script>

Note : If search box has limited character then you can increase it by doing inspect element on search box. and you can easily increase the size of search box.

It will pop up . like this



Now we have cover how you can find and submit the java script code . Everyone's knows up till now 
but very few of us knows that how you can actually defect the site which is XSS vulnerable. 

You have a listen  or read so many stories about how hacker hacked website and he change the background of it's website . Now at that time you are dreaming that once i want to do that. yes, you can change background image of  XSS vulnerable website it is very easy . just paste below code and change the path  of image .

<script>document.body.background="image path"; <script>

You have to change the "image path" with your path of image.


2nd thing is you can easily redirect XSS vulnerable site to your website ( Don't dare ) or any other website. by entering following javascript code. you have to just enter it on search box and don't forgot to change website link with the link of website that you want to redirect.

<script>window.open("website link")</script> 

Now if you want to change the color of XSS vulnerable website then you can easily do that . by entering following code in your browser you can easily change the background color of XSS vulnerable website .

<script>document.body.bgcolor="red";</script>

If you want to manually add image then you can easily do that with following code .

<IMG SRC ="source code  (path )of image>

Done.


That's it friends..!! hope you like it..!! if you face any difficulty then let me know in comment box...