Tuesday, July 2, 2013

Browser as an Attack/Pentest Tool

Tools to add to your browser (Firefox/Mozilla-based browsers)

Chrome I love, but Firefox to me tools it better (wareva that means)

These are add-ons found in the security framework/browser OWASP Mantra, and they can come in handy when doing recon/pentest/attack/vuln assessment.

I add them to my Firefox/Iceweasel (Kali) to add more reinforcement (automation is not necessarily my thing, but it gets the work done :) )

CIAO have fun

oww here is the link to the collections <Collections> :)

I do not wish to deter from OWASP Mantra ...no no.... I just love the ease I have with this method, especially on FreeBSD, so if you wanna try OWASP Mantra.... :) have a go at it: OWASP Mantra

XSS - slaying information from simple actions like... a MOUSE HOVER :)

XSS, well :) what do we know about it?

Cross-Site Scripting, as it's called :), is a form of web vulnerability solely relying on scripts and scripting languages, e.g. JavaScript, HTML5 etc.

Some examples of exploitation include:
  • injecting a fake login form;
  • retrieving legitimate users' cookies;
  • injecting browser exploits;
  • getting users to perform an arbitrary action in the web application;
and tonnes more....

A simple XSS would look like <script>alert(1);</script> when injected into an HTML form... in a URL it may look like this:

So what really happens? XSS comes from a lack of encoding when information gets sent to the application's users. As opposed to other attacks, it targets the client rather than the server.

How dangerous is this? Well... here is a simple calculation...
XSS in URL-encoded format is hardly noticeable to any viewer (it looks like a normal URL).


The above link (leave the sex tape outta this), unlike the other one, has fewer <script> tags and contains more URL-encoded content, and it simply loads on a webpage without any immediate effect till you hover your mouse on the page :) !!! And what's the worst that can happen? Owwww I dunno, maybe... fake login page injection (social sites, online bank), retrieving legitimate user cookies from your browser :) ... getting you to perform arbitrary actions on the web app without your consent (well, your knowing consent).
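Added example (not from the original post): the missing output encoding described above, shown as one template rendered without and with HTML encoding, for a <script> value and a hover-handler value that both arrive URL-encoded. The shop.example URLs, the template and every function name are constructed for illustration.

```javascript
// Added example, not from the original post. URLs and names are constructed.
const SAMPLES = {
  script: "https://shop.example/search?q=%3Cscript%3Ealert(1)%3B%3C%2Fscript%3E",
  hover: "https://shop.example/search?q=%22%20onmouseover%3D%22alert(1)",
};
const ESCAPES = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#x27;" };

// HTML-encode a value for element content or a quoted attribute value.
function encodeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => ESCAPES[ch]);
}

// The server framework URL-decodes the parameter before the app sees it.
function readParam(url, name) {
  return new URL(url).searchParams.get(name) ?? "";
}

// BEFORE: decoded input is concatenated straight into the markup.
function renderUnsafe(q) {
  return `<p>Results for ${q}</p><input name="q" value="${q}">`;
}

// AFTER: same template, every dynamic value encoded at output time.
function renderSafe(q) {
  const e = encodeHtml(q);
  return `<p>Results for ${e}</p><input name="q" value="${e}">`;
}

// Small quote-aware tag scanner: lists <script> elements and on* handler
// attributes that a browser would actually treat as markup.
function activeContent(html) {
  const attr = /([\w-]+)(?:\s*=\s*(?:"[^"]*"|'[^']*'|[^\s"'>]+))?/g;
  const tag = new RegExp(`<(\\w+)((?:\\s+${attr.source})*)\\s*/?>`, "g");
  const found = [];
  for (const m of html.matchAll(tag)) {
    if (m[1].toLowerCase() === "script") found.push("<script>");
    for (const a of m[2].matchAll(attr)) {
      if (/^on/i.test(a[1])) found.push(a[1].toLowerCase());
    }
  }
  return found;
}

for (const [label, url] of Object.entries(SAMPLES)) {
  const q = readParam(url, "q");
  console.log(label, activeContent(renderUnsafe(q)), activeContent(renderSafe(q)));
}
```

The encoder here covers HTML element content and quoted attribute values only; values placed inside script blocks, URLs or CSS need the encoder for that context.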

More about this attack can be found here, where there's a cheat sheet (OWASP XSS cheat sheet), also on its evasion and even more on how to protect yourself ... PEACE... am out


:) No longer posting, all articles should be treated as archived and outdated