Hacker

Website Hacking – What is Cross Site Scripting (XSS)?

Cross site scripting(XSS) is a very serious issue faced by big companies like Facebook, Twitter, Google, Microsoft, etc in the past.

XSS is still a very major vulnerability faced by many websites on the Internet these days.

So, what is this Cross site scripting? Why is it soo dangerous?

In XSS, an attacker injects malicious script in a webpage’s source code. A website is vulnerable to XSS if the user input is not treated properly, and if the html tags are not escaped.

The script tag in html is used to include javascript in webpages. Javascript is browser oriented, which means your browser will execute this javascript code whatever is written in the webpage’s HTML.

A hacker can make use of XSS to inject malicious javascript. With this javascript, he can display popups on the website, deface the website, and many more….

The worst thing is that a hacker can also steal users cookies by injecting a malicious javascript code into the webpage’s HTML. What this javascript can do is, it steals the users cookies and sends it to the hacker’s database. Though no text appears once the comment is posted, the malicious javascript is actually injected to the webpage’s HTML and it is ready to steal cookies of people. If you don’t know what are cookies and how critical they are, just do a google search.
Briefly, cookies are some strings used by websites to identify their users. So, if a hacker has your cookies, he can impersonate you on that particular website. In simple words, if the hacker steals your Facebook cookies, he will be able to login to your Facebook account without entering your password.

Image If this vulnerability existed in Facebook now, taking over user’s Facebook accounts would have been as easy as making a comment under a Facebook post with a simple line of javascript! Whenever someone sees this Facebook post with your comment, their cookies are sent to your database and their account is compromised.

Obviously Facebook or Twitter or any big company is not vulnerable to this kind of simple XSS now , but there are times when these sites are actually vulnerable to this simple attack and sh*t happened!

And yes, there are many websites on the Internet which are still vulnerable to XSS. And they must be fixed ASAP to maintain their web security.

Visit my website : https://techraj156.com
Like my Facebook Page : https://fb.com/techraj156
Follow me on Instagram : https://instagram.com/teja.techraj
Follow on Twitter : https://twitter.com/techraj156
For written tutorials, visit my blog : http://blog.techraj156.com

SUBSCRIBE for more videos!
Thanks for watching!
Cheers!
Video Rating: / 5

Are you looking for products for hacking, cybersecurity, and penetration testing? Do you need to cleanse your smartphone, PC, or website from viruses and malware? Do you need to track down a person or recover urgent information? Do you need to regain control of an account, email, or password that has been stolen from you? Interested in purchasing pre-configured devices to easily and quickly experiment with hacking techniques? Do you have specific requirements in software or hardware? We can assist you!

Contact us immediately for immediate assistance: provide us with details via email or WhatsApp about the type of support you need, and we will respond you promptly!

Fill out and submit the form below to send us an immediate support request

Write your email address here

Write here how we can help you - we provide immediate support for all your needs!

chevron_left
chevron_right
Send us a WhatsApp!