-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Offensive XSS 101
IMC GrahamPhisher.com
IMC Security Team
InsaneMasterminds.com
GPCO@Ymail.com
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Introduction - Offensive XSS 101
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

Cross site scripting, better known as XSS, is one of the 
most common vulnerabilities found in websites. XSS allows 
an attacker to inject a script into a victim's site. The 
script is usually written in JavaScript (usually for 
redirecting the website or logging the login details of 
everyone who logs on to the site, a popular method today 
since the attacker won't have to do any decrypting) or 
HTML (usually just used for defacement purposes). 

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Finding Vulns - Offensive XSS 101
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

Now we get onto finding XSS vulnerabilities in websites. 
Warning: don't go doing this on some super duper haxor site, 
you'll look like a clown and will probably be offline for 
the weekend. Anyways, the first place to look for holes is 
usually the site's search, shout-box, bulletin boards, and 
basically anywhere you're able to post content. Enter a 
random HTML tag and see if the board renders it as markup. 
If it does, you found a hole! 

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Modifying Posts - Offensive XSS 101
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

Modifying post parameters is another way of finding XSS vulns, 
because some web developers might not cut off HTML/JS in 
something like the date of post, author's name, and whatever 
else is available to you when submitting content. A cool tool 
you can use for this is called Tamper Data, an "addon" for 
Firefox. Basically all you do is open Tamper Data after adding 
it to Firefox and press Start Tamper, so when you post it will 
allow you to edit the post parameters to test for XSS 
vulnerabilities. 

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Discovered - Offensive XSS 101
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

Sometimes you don't even have to look for cross site scripting 
vulnerabilities. Popular web portals such as Packet Storm might 
have papers that show already discovered vulns in popular web 
applications you might be trying to exploit. 

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Breaking Filters - Offensive XSS 101
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

Some web developers might be smart and add filters and tags that 
cut off XSS. You can usually get around these by using end tags 
or character encoding in decimal, hex, ASCII, and Base64. 
Sometimes developers only disable JavaScript and not HTML, in 
which case you can try injecting JavaScript inside an HTML tag. 
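
The server-side view of the Modifying Posts and Breaking Filters 
sections, as an added example that is not part of the original 
paper: a filter that only cuts out script tags still lets other 
markup through in every field, while encoding each field on 
output (author and date included) displays it as plain text. 
The function names and the sample post are constructed for 
illustration. 

```javascript
// Added example, not from the original paper. All names are hypothetical.
const ESCAPES = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };

// Weak: a blacklist that only removes literal <script> elements.
function stripScriptTags(value) {
  return String(value).replace(/<script\b[^>]*>[\s\S]*?<\/script>/gi, "");
}

// Hardened: encode every HTML metacharacter so input is shown as text.
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => ESCAPES[ch]);
}

// Render a post. `encode` is applied to every field, including the ones
// the form never shows (author, date), since a client can edit them in transit.
function renderPost(post, encode) {
  return [
    '<div class="post">',
    `  <span class="author">${encode(post.author)}</span>`,
    `  <span class="date">${encode(post.date)}</span>`,
    `  <p>${encode(post.body)}</p>`,
    "</div>",
  ].join("\n");
}

// Element names in the rendered HTML that the template itself never emits.
function injectedTags(html) {
  const expected = new Set(["div", "span", "p"]);
  const names = [...html.matchAll(/<\s*([a-z][a-z0-9]*)/gi)].map((m) => m[1].toLowerCase());
  return [...new Set(names.filter((n) => !expected.has(n)))];
}

// Constructed sample: a post whose parameters were edited before submission.
const tamperedPost = {
  author: "<u>marker</u>",
  date: "<i>marker</i>",
  body: "hello <script>marker()</script>world",
};

console.log("script-only filter:", injectedTags(renderPost(tamperedPost, stripScriptTags)));
console.log("output encoding:   ", injectedTags(renderPost(tamperedPost, escapeHtml)));
```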

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
JS&HTML - Offensive XSS 101
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

If you have no idea about JavaScript or HTML, you can use Google 
to search for XSS cheat sheets and find some cool XSS tricks you 
can try on a target. W3Schools.com is a great place where you can 
learn JavaScript and HTML. Another question that came to me was 
whether you can use CSS in cross site scripting to change the 
background image and such. Yes, but you must wrap it in head tags. 

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
The End - Offensive XSS 101
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

Anyways, that's Offensive XSS 101. Just a note I like to leave to 
everyone: knowing this does not make you a "hacker" or "cracker". 
"Being able to break security doesn't make you a hacker any more 
than being able to hotwire cars makes you an automotive engineer," 
says Eric Raymond.

-GrahamPhisher