DOM XSS Exploitation using Web Messages

This repository contains the solution and documentation for the DOM XSS Exploitation using Web Messages project. The objective is to exploit a DOM-based Cross-Site Scripting (XSS) vulnerability using web messages to trigger a specific function (print()) on a target site.


Problem Statement

The project demonstrates a DOM XSS vulnerability in a web application that listens for web messages. The vulnerability allows an attacker to craft malicious messages that are executed without proper sanitization, leading to the execution of arbitrary functions.


Features

  • Understanding the Vulnerability
    Analyze how web messages are handled unsafely in the target web application.

  • Crafting Exploits
    Generate malicious payloads to exploit DOM-based XSS vulnerabilities.

  • Automated Exploit Delivery
    Use an iframe and the exploit server to deliver malicious messages seamlessly.

  • Detailed Explanation
    Comprehensive insights into the working of the exploit and how it leverages the vulnerability.


Steps to Solve the Lab

  1. Understand the Vulnerability

    • The homepage listens for web messages using the addEventListener() function.
    • Incoming messages are inserted into a <div> with the ID ads without sanitization, enabling a DOM XSS vulnerability.
  2. Craft the Exploit

    • Create an iframe with a payload containing an invalid <img> tag.
    • Use the onerror attribute to execute the print() function.
  3. Set Up the Exploit Server

    • Use the exploit server to host the malicious iframe and payload.
  4. Deliver the Exploit

    • Save and deliver the exploit to the victim using the exploit server.
  5. Monitor the Result

    • Verify that the print() function is successfully executed, confirming the lab solution.
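The unsafe listener pattern from step 1 beside a hardened version, as an added example (not the lab's or this repository's code). The origin `https://ads.example`, the helper names and the stand-in for the ads `<div>` are assumptions, chosen so the comparison runs under Node without a browser.

```javascript
// Added example. TRUSTED_ORIGINS holds a hypothetical placeholder origin.
const TRUSTED_ORIGINS = new Set(['https://ads.example']);

// Pattern described in step 1: no origin check, message data reaches an HTML sink.
function vulnerableHandler(adsEl) {
  return (event) => {
    adsEl.innerHTML = event.data;
    return true;
  };
}

// Hardened form: allowlist the sender, validate the type, write to a text sink.
function hardenedHandler(adsEl, trusted = TRUSTED_ORIGINS) {
  return (event) => {
    if (!trusted.has(event.origin)) return false;      // unknown sender
    if (typeof event.data !== 'string') return false;  // unexpected message shape
    adsEl.textContent = event.data;                    // never parsed as markup
    return true;
  };
}

// Stand-in for the ads <div>: records which sink each handler wrote to.
function fakeAdsDiv() {
  return {
    html: null,
    text: null,
    set innerHTML(v) { this.html = v; },
    set textContent(v) { this.text = v; },
  };
}

// Constructed MessageEvent-like objects carrying the markup string from this page.
function demo() {
  const markup = '<img src=1 onerror=print()>';
  const untrusted = { origin: 'https://exploit-server.example', data: markup };
  const trusted = { origin: 'https://ads.example', data: markup };
  const a = fakeAdsDiv(), b = fakeAdsDiv(), c = fakeAdsDiv();
  vulnerableHandler(a)(untrusted);
  const rejected = hardenedHandler(b)(untrusted);
  const accepted = hardenedHandler(c)(trusted);
  return { vulnHtml: a.html, rejected, bHtml: b.html, bText: b.text,
           accepted, cHtml: c.html, cText: c.text };
}

// In a page: window.addEventListener('message', hardenedHandler(document.getElementById('ads')));
console.log(demo());
```

Even a message from an allowlisted origin lands in `textContent`, so markup in the data is displayed as text rather than parsed.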

Exploit Code

```html
<iframe src="https://0af20055030da45b81a4941e009900be.web-security-academy.net/"
onload="this.contentWindow.postMessage('<img src=1 onerror=print()>', '*')"></iframe>
```

Key Points

  • Vulnerability Type: DOM-based Cross-Site Scripting (XSS)
  • Method Used: Web messaging with iframe payloads
  • Outcome: Successful execution of the print() function through a crafted payload

Prerequisites

  • Basic understanding of web vulnerabilities and DOM-based XSS
  • Access to the exploit server provided in the lab environment

Disclaimer

This project is intended for educational and ethical purposes only. The methods and techniques demonstrated here should only be used in controlled environments where explicit permission has been granted.

Unauthorized testing, exploitation, or use of these techniques on real-world systems without proper authorization is illegal and unethical. The authors and contributors of this repository are not responsible for any misuse or damage caused by the information provided here.

By using this repository, you agree to adhere to all relevant laws and regulations and to practice responsible and ethical cybersecurity.