DVWA: XSS: Difference between revisions

From OnnoCenterWiki
Jump to navigationJump to search
← Older editNewer edit →
Onnowpurbo (talk | contribs)
69,477 edits
Onnowpurbo (talk | contribs)
69,477 edits
No edit summary
Onnowpurbo (talk | contribs)
69,477 edits
Line 34: Line 34:
  <td><textarea name=\"mtxMessage\" cols=\"50\" rows=\"3\" maxlength=\"250\"></textarea></td>
  <td><textarea name=\"mtxMessage\" cols=\"50\" rows=\"3\" maxlength=\"250\"></textarea></td>


==Di sisi Kali Linux==


===Enable Javascript di Browser==
Preferences > Content > Uncheck - Block pop-up windows


==Referensi==
==Referensi==


* http://www.computersecuritystudent.com/SECURITY_TOOLS/DVWA/DVWAv107/lesson9/index.html
* http://www.computersecuritystudent.com/SECURITY_TOOLS/DVWA/DVWAv107/lesson9/index.html

Revision as of 03:15, 27 May 2017

sumber: http://www.computersecuritystudent.com/SECURITY_TOOLS/DVWA/DVWAv107/lesson9/index.html

Tujuan

  • Test a basic cross site scripting (XSS) attack
  • Test an iframe cross site scripting (XSS) attack
  • Test a cookie cross site scripting (XSS) attack
  • Create a php/meterpreter/reverse_tcp payload
  • Start the php/meterpreter/reverse_tcp listener
  • Upload the PHP payload to the DVWA Upload screen
  • Test a PHP Payload cross site scripting (XSS) attack


Di sisi DVWA

Cek IP

ifconfig


Fix Stored Cross Site Scripting (XSS) Comment Box

Edit index.php 

cd /var/www/html/DVWA-1.9/vulnerabilities/xss_s/
vi index.php

Ubah

<textarea name=\"mtxMessage\" cols=\"50\" rows=\"3\" maxlength=\"50\"></textarea>

menjadi

<textarea name=\"mtxMessage\" cols=\"50\" rows=\"3\" maxlength=\"250\"></textarea>

Di sisi Kali Linux

=Enable Javascript di Browser

Preferences > Content > Uncheck - Block pop-up windows

Referensi

Retrieved from "https://lms.onnocenter.or.id/wiki/index.php?title=DVWA:_XSS&oldid=48187"