Skip to main content

Once Google Was Hacked By This. | XSS Attack

By

XSS Attack

Hey, It's Me, Arshad Aman, back again and today we are going to discuss, what is XSS Attack and how it works? So, Let's get's started

What is XSS Attack

XSS Attack stands for Cross-Site Scripting Attack. This is one of the most dangerous attacks that can hack any website having this vulnerability. It is dangerous because it is very easy to perform and Simple XSS is easiest among them and it can be performed only be few lines of HTML and Java Scripts and it can be done in the web browser without installing any extra software to perform XSS Attack. To understand the XSS attack we should go through the Scripting and types of Scripting. 

What is Scripting

Scripting is a type of programming language that will support scripts and it was written for the special run-time environment and it helps to automate the task execution which gives relief to human as a human doesn't have to do the task manually.

It is of basically two types:-
  • Server Side Scripting:- This is a process used in web development in which scripts were used in the server to automate the task and it will create a response according to the user.
  • Client Side Scripting:- This is what you are now seeing. ya, your web browser, The scripting on your side to view and receive the response from the server, your browser need to be scripted for this. This is known as Client Side Scripting. The XSS Attack is done by Client-Side, but scripting is little different. We will discuss about it.
Now we have an idea about Scripting. So, now move to the XSS Attack.

How Hacker Do That

Actually what happens here? Have you ever used your inspect HTML while browsing and have you ever changed something there, If yes then you will see whatever change you have made there it will affect your website you are viewing but when you refresh or reload the website, your changes have been lost! This was lost because whatever changes you made is on your browser scripting, the server does not this scripting. What will happen if we will change the code in the server? Ya, the content we made will be there on the server.

In the website, there is a certain area where we can enter our text, like the search box, comment area, etc. In some website, if you will enter the HTML codes, the website will accept it, these websites are vulnerable to XSS Attack. suppose you will enter a word in a website, <b> Hello</b> and the website will show you text in bold, i.e. Hello, then the website is vulnerable to XSS Attack.

In this attack, the Hacker sends malicious scripts to the website and the website, if instead of taking the entered text as normal text, then the website will be hacked.

In simple language, Cross-Site Scripting means scripting done on the server by the third person, not by the admin of website.

Here image to understand:-

How to Be Secure

By proper treatment of the text, this vulnerability can be patched.

Interesting Facts

In an initial stage of big websites of today had been hacked by using this attack.
Big websites like Google, Facebook was Hacked by XSS Attack.

This is all for today. If you have any question, suggestion or you want that I should make a blog on your cyber topic then tell me in the comment section below. Hope you like this post. 

Share It To Everyone By Clicking The Share Button And Let Them To Know These Technical Things.


 Subscribe to this blog by giving the email address so that when an article is posted then you will be get notified.


 Thank You and Ba-Bye.........


Labels:

Comments

Post a Comment

Contact Form

Name

Email *

Message *

Popular posts from this blog

Social Engineering.What is it ?

By
Note:- This is only for Educational Purpose. I am not Responsible Whatever you do. Black Hat hacking and cracking and Black Hat SEO are illegal, You may be jailed for doing this. Social Engineering? => The Process of tricking or a good plan to get your work done is known as Social Engineering. This is very useful in our day to day life and it will make your life very. Social Engineering is used by every person like Shopkeeper, Whole Seller, Large Companies, Hackers & Crackers. We Will does not discuss shopkeeper or whole sellers or companies. As this blog is on Cyber Security So What Will We Discuss about. Ya, We will discuss Hackers and crackers. I will not tell you How they use but Why they use as our Honorable Google does not allow it. So, Let's Begin it? Why Social Engineering? =>Suppose you had made a virus and you told your friend to use, will your friend use it. If yes comment me below. But in most case, they will never use that vi...
Post a Comment
Read more

Zero Day Vulnerabilities| How to Be Safe?| Get Job with HUGE Salary.

By
Zero Day Vulnerabilities:- Hey, it's me, Arshad Aman, back again. Note:- This is only for Educational Purpose. I am not Responsible Whatever you do. Black Hat hacking and cracking and Black Hat SEO are illegal, You may be jailed for doing this.
Post a Comment
Read more

TOR | Dark WEB | You can Buy Spirit here......

By
Hey, it's me, Arshad Aman, back again.  Note:- This is only for Educational Purpose. I am not Responsible Whatever you do. Black Hat hacking and cracking and Black Hat SEO are illegal, You may be jailed for doing this. This is a technical blog but in the title, you had seen that I am going to tell that you can buy spirit. Ya, you had seen it is true. Here I am going to tell that You can buy a spirit on the internet. Without wasting any time lets get started. Layers on the internet:- The website and anything that you are visiting is only 1% of the total internet. Ya, it is true only 1%. That is called the Surface Web which is available or indexed on google or any other search engine. The most of the internet is hidden and not accessible to the normal internet user.  After the Surface Web, The next to come is Deep Web. Deep Web:- This is basically a website which is not indexed in any search engines like google. You need a link to enter into. This...
Post a Comment
Read more