Stored Cross-Site Scripting (XSS) #2
This lab shows step-by-step how to identify and exploit a Stored Cross-Site Scripting (XSS) vulnerability on the Damn Vulnerable Web Application (DVWA) to redirect victims to third-party websites. During this lab, the Security Level of the DVWA is set to MEDIUM.
Damn Vulnerable Web App (DVWA) is a PHP/MySQL web application that is intentionally vulnerable. Its main goals are to be an aid for security professionals to test their skills and tools in a legal environment, to help web developers better understand the processes of securing web applications, and to aid teachers/students to teach/learn web application security in a classroom environment.
Why is Cross-Site Scripting (XSS) important?
XSS is one of the most prevalent types of weakness found in the wild. Even in 2019, XSS is considered a major threat vector. According to HackerOne, XSS was the most common vulnerability type discovered by hackers using their platform from 2013 to 2017. The consequences of a successful XSS attack vary depending on the nature and sensitivity of the data handled by the affected web application.
What will you learn?
- What is Stored XSS.
- How to identify Stored XSS vulnerabilities.
- How to exploit a Stored XSS vulnerability to redirect victims to third-party websites.
References
- https://portswigger.net/web-security/cross-site-scripting
- https://www.owasp.org/index.php/Cross-site_Scripting_(XSS)
- https://www.owasp.org/index.php/Testing_for_Stored_Cross_site_scripting_(OTG-INPVAL-002)
- https://www.owasp.org/index.php/XSS_Filter_Evasion_Cheat_Sheet
Technical Details
This scenario contains one virtual machine.
VPN Connection Required: Yes
Scenario Pre-requisites
To benefit from this scenario, it is recommended that you have competence in the following areas:
1. Basic understanding of the HTTP protocol
2. How web applications work behind the scenes
3. How to use an HTTP Intercepting Proxy
- MODE: SINGLEPLAYER
- TYPE: CCL
- DIFFICULTY: EASY
- TIME: 120 MINUTES
- COST: 10 CRYSTALS