How To Search For DOM-Based XSS!

Views: 44,763

Intigriti

2 years ago

👩‍🎓👨‍🎓 Learn how to find DOM-based cross-site scripting vulnerabilities. We are looking at the browser's developer tools, the JavaScript debugger, and the concept of sources and sinks!
Overview:
00:00 Intro
00:29 Inspecting Sources
02:15 DOMXSS Wiki
02:44 Location.search
03:44 Inspect the DOMXSS source
05:25 Using the Debugger
06:16 Inspecting the DOMXSS sink
07:10 Exploiting the vulnerability
07:49 Summary
For more information, check out blog.intigriti.com/hackademy/cross-site-scripting-xss/dom-based-cross-site-scripting/.
🔗 DOM-XSS Wiki: github.com/wisec/domxsswiki/wiki
🔗 Portswigger XSS Challenge: portswigger.net/web-security/cross-site-scripting/dom-based/lab-document-write-sink-inside-select-element
---
🧑‍💻 Sign up and start hacking right now - go.intigriti.com/register
👾 Join our Discord - go.intigriti.com/discord
🎙️ This show is hosted by PascalSec (@Hacksplained) & intigriti
👕 Do you want some Intigriti Swag? Check out swag.intigriti.com/

Comments: 96
@UnknownSend3r 2 years ago
BRILLIANT! two days of surfing the web to understand it and you explained it in under 10 mins. just subbed!
@intigriti 2 years ago
Awww, glad to hear that 😇. Thanks, more easy to understand videos to come!
@Truth_Seeeker 1 year ago
two days worth it bro
@salman2464 2 years ago
Best XSS methodology explanation I’ve found in Years. Great work Bro, kudos for Intigriti 👍
@intigriti 2 years ago
Ohh wow 😊. in years? Thanks for that super lovely feedback!! More videos to come 😇
@user-ev6fj4bt7x 1 year ago
That video just saved me from hours of headaches. It is much more detailed than the writeup for that lab. Thank you
@intigriti 1 year ago
Thank you very much for that great feedback! ❤️ super glad it helped you!
@exohive5608 1 year ago
Been working on this lab too; was focused too much on the additional js files at the end of the script. You’ve explained it well! Thank you!
@intigriti 1 year ago
Awesome, glad it helped 💜
@jmcsmtp 2 years ago
Excellent explanation. Thank you so much. I have been a researcher for years and have searched almost an equal amount of time for a simple explanation of DOM XSS. This tutorial is even better than the training material provided by PortSwigger. Well done.
@intigriti 2 years ago
Thank you so much for your very kind words! This feedback is really heartwarming! Coming from Pascal ❤️
@dennismunyaka6537 2 years ago
surely did learn something new. awesome content well articulated
@intigriti 2 years ago
Thanks Dennis 😎 We are glad you like it!
@lucasGAM1005 2 years ago
one of the best practical explanations I've ever seen
@intigriti 2 years ago
Thank you very much! We really appreciate that 😇
@reubenroyal4234 1 year ago
This video was put together very well. It is thoroughly and simply explained. It is really hard to find this quality content online for cybersecurity
@intigriti 1 year ago
Thanks a lot Reuben ❤️
@lucanicolini4721 2 years ago
Great explanation! Thank you!
@intigriti 2 years ago
Thank you very much for your kind words 🥰
@amol5436 2 years ago
really great explanation. thanks a lot for making such videos, it helped a lot..cheers..
@intigriti 2 years ago
You are very welcome! :) We are glad it helped 😇
@lesleybw 2 years ago
Excellent explanation.
@intigriti 2 years ago
Glad you liked it ❤️
@CALVIS-1 1 year ago
Thanks sir, 😇 You earned my respect!
@intigriti 1 year ago
Thank you very much. That's very kind of you ❤️
@kiki-ig8fq 6 days ago
Nice video would be nice to include how to fix these as well
@camelotenglishtuition6394 2 years ago
So much better than the portswigger video. You're an angel!
@intigriti 2 years ago
Thank you very much for those kind words ❤️
@camelotenglishtuition6394 2 years ago
@intigriti anytime dude have a great day
@AshishSingh-jq6de 2 years ago
Great man 🔥
@intigriti 2 years ago
Thank you Ashish 🥰
@user-ns5ti4uj3h 1 year ago
Good one! Amazing for me!!!
@intigriti 1 year ago
🙏🥰
@meljithpereira5532 2 years ago
Awesome explain .. 💐
@intigriti 2 years ago
Thanks a lot 😊 We really appreciate your feedback!
@JITHUC2000 1 year ago
Good one! Thanks
@intigriti 1 year ago
You're welcome! 😇
@TheBroadwood 1 year ago
What a great explanation. Especially the part where you show us how to use the debugger. But I have one question... isn't this example a little bit unrealistic? I mean the GET-Request only includes one parameter (productID). The serverside Javascript also already includes all stores in an array, so what practical purpose exists when a user is able to alter the list options? It's still great for teaching purposes.
@intigriti 1 year ago
Thank you very much ❤️ The lab by Portswigger was definitely designed to be simple. We agree with that. But you need a simple demonstration to start grasping the concepts!
@HamsterLover1337 8 months ago
Amazing video, best of the best I've seen on the topic. But could you explain in another video what the real dangers are that come from different kinds of XSS (reflective, stored (DOM)) being possible? Such as stealing cookies, abusing SOP when CORS is misconfigured, etc?
@intigriti 8 months ago
Thank you! Request noted ✍
@rangelbatista4594 1 year ago
Thank you.
@intigriti 1 year ago
You're welcome! 💪
@mehkpentester5824 7 months ago
Thank You
@intigriti 7 months ago
Welcome! 💜
@creationofislam 1 year ago
Thank you
@intigriti 1 year ago
You're welcome!!
@JuanBotes 2 years ago
Thanks once again for great content - I am really late to the party \o/
@intigriti 2 years ago
No worries! We are glad you are watching at this point 😇
@sahariarhasan2624 1 year ago
Amazing
@intigriti 1 year ago
no, you! 💜
@br_nidas 25 days ago
thx!
@intigriti 25 days ago
Welcome! 💜
@siefkhaled1374 7 months ago
amazing
@intigriti 7 months ago
Thank you!
@gdfghgfdti3097 2 years ago
Goooooooood :)
@intigriti 2 years ago
Thank you very much! Keep watching all our videos 🙏🏻
@PrakashKumar-se1qk 1 year ago
It was damn good 😍
@intigriti 1 year ago
Thank you so much 😇 Please share it with your community!
@mehadi0187 2 years ago
perfect
@intigriti 2 years ago
thanks a lot 😇
@Amir-qm5ns 2 years ago
but how do you know what payload to use? tags, etc I mean, I found it is may be DOM XSS, but how do I know how to use the right payload?
@intigriti 2 years ago
You usually have a set of payloads in mind and you try them out and see how the app reacts. Another great resource is portswigger.net/web-security/cross-site-scripting/cheat-sheet
@Amir-qm5ns 2 years ago
@intigriti thanks for the answer, what do you mean how the app react? what do you usually check for see and confirm there is some suspicious reaction?
@CyberSecForce 1 year ago
Nice
@intigriti 1 year ago
Thanks 😇
@newuser2474 1 year ago
Great
@intigriti 1 year ago
Glad it helped!
@satriawinarah1894 2 years ago
Sorry I still don't understand. What we are doing is just in our browser, right? How can it affects another people browser? Because what I got is, we tamper it after the server give the response which means only in our browser (in client side only). I understand about the common XSS, like a comment section case. We are successfully injected a script that will stay in the website for so long until another people open the same page and load all the injected script.
@intigriti 2 years ago
This vulnerability needs you to send the malicious URL (containing the XSS payload) to your victim. The victim then needs to click on it in order to get exploited. The most typical way this is happening in real-life is via an email phishing attack. However, you could also e.g. host that malicious URL on your own website and lure people into visiting that.
@satriawinarah1894 2 years ago
@intigriti Thank you for the explanation. Still wondering, if we need to send the script via a phishing attack, why do we still need to find the vulnerability as shown in the video?
@eyadhussien1055 2 years ago
King
@intigriti 2 years ago
Coming from @hacksplained: "Thank you very much, I really appreciate it!" 🔥
@kunjanvarma78 1 year ago
❤️
@intigriti 1 year ago
❤️
@squattingnomad6298 1 year ago
How do you prevent the injection?
@intigriti 1 year ago
Hey there, have a look at cheatsheetseries.owasp.org/cheatsheets/DOM_based_XSS_Prevention_Cheat_Sheet.html.
@itsm3dud39 2 years ago
how to inspect source in firefox?
@intigriti 2 years ago
E.g. by clicking right click on your mouse! There's a couple of other methods but I let you google those. Googling is an important skill if you are a hacker!
@Jpkb6 1 year ago
thanks jesuscrist!!
@intigriti 1 year ago
Thanks a lot ❤️
@lethalleet 2 years ago
First comment 🔥
@intigriti 2 years ago
🔥🔥🔥
@heuristicalgorithm8465 1 year ago
confusing
@intigriti 1 year ago
Anything in specific that wasn't clear?
@heuristicalgorithm8465 1 year ago
@intigriti Where is img source script inserted in the source code? In the source itself? It's difficult to see in the vid. You can write to the website using both the source and sink? Also, How do you find that javascript debugger in Firefox? Thank you
@UCallMeChef 1 year ago
Start doing real world examples stop these bullshit vuln web apps
@intigriti 1 year ago
That would not be ethical and is not allowed by law. Those vulnerable boxes are directly derived from real life examples, so make sure to search for them in real applications!
@UCallMeChef 1 year ago
@intigriti bug bounty’s
@trustedsecurity6039 7 months ago
stop using portswigger labs... people come here to learn what DOM XSS is for example (xD) and they are spoiled the better labs they could find and they can't learn from them. I know it is practical and everybody does it but that sucks. I stopped the video and a lot of others due to this...
@intigriti 7 months ago
Hey, thanks for the feedback! We're still making Portswigger videos but it's now a lot clearer that the content is a practical run through a Portswigger lab (the title and description exactly match the lab, and include links to the relevant lab and learning material), which are also uploaded directly to the Web Security Academy.
@trustedsecurity6039 7 months ago
@intigriti cool but it doesn't change the problem, people will learn and see the solution of the best labs on the subject and will lose the precious hands-on experience which make portswigger academy so good. Thanks for all you do and love hunting on your platform :) the best one where triagers aren't there to avoid payment :D