Episode 13 - Website Hacking - XSS
Patchy
In this episode of Full Disclosure we explain the website attack known as Cross-Site Scripting (XSS). Cross-Site Scripting is a type of security vulnerability that affects web applications that do not sanitize user input properly. This kind of vulnerability allows an attacker to inject HTML or client-side script such as JavaScript into the website. Cross-Site Scripting is most commonly used to steal cookies. Cookies are used for authenticating, tracking, and maintaining specific information about users; therefore, by stealing a user’s cookies an attacker could bypass the website’s access control. There are three types of XSS attacks: Persistent, Non-Persistent, and DOM-Based. In this episode we cover Persistent and Non-Persistent Cross-Site Scripting attacks.
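As an added example (not code from the episode or this site), the JavaScript below renders the persistent and non-persistent cases described above with and without output encoding. All function names and the sample data are constructed for illustration, and the HttpOnly cookie attribute is a standard browser control that the post itself does not discuss.

```javascript
// HTML-encode the five characters that let text break out of an element
// body or a quoted attribute value.
function escapeHtml(text) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return String(text).replace(/[&<>"']/g, (ch) => map[ch]);
}

// Constructed comment store standing in for a database (persistent case).
const comments = [];
function saveComment(author, body) {
  comments.push({ author, body }); // stored raw; encoding happens at output
}

// Persistent XSS: stored input is written into every later page view.
function renderCommentsVulnerable() {
  return comments.map((c) => `<li><b>${c.author}</b>: ${c.body}</li>`).join('');
}
function renderCommentsSafe() {
  return comments
    .map((c) => `<li><b>${escapeHtml(c.author)}</b>: ${escapeHtml(c.body)}</li>`)
    .join('');
}

// Non-persistent XSS: a request parameter is echoed into the response.
function renderSearchVulnerable(query) {
  return `<p>Results for ${query}</p>`;
}
function renderSearchSafe(query) {
  return `<p>Results for ${escapeHtml(query)}</p>`;
}

// Session cookie that page script cannot read: HttpOnly hides it from
// document.cookie, so injected script has no cookie value to send anywhere.
function sessionCookieHeader(sessionId) {
  return `Set-Cookie: session=${encodeURIComponent(sessionId)}; HttpOnly; Secure; SameSite=Lax; Path=/`;
}

// Constructed test input: a harmless marker script.
const probe = '<script>alert(1)</script>';
saveComment('visitor', probe);
console.log(renderCommentsVulnerable()); // markup survives intact
console.log(renderCommentsSafe());       // markup arrives as inert text
console.log(renderSearchVulnerable(probe));
console.log(renderSearchSafe(probe));
console.log(sessionCookieHeader('abc123'));
```

Encoding is applied where the value is written into HTML, so the same stored comment stays safe on every page that displays it.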
Live Stream Here
Download Here
Download Cookie Catcher Here
14 Responses
November 16th, 2007 at 1:21 pm
The link doesn't work, Patchy
November 16th, 2007 at 2:55 pm
Forget my last post, I got it lol
November 17th, 2007 at 3:13 am
Once again
Thank you
November 17th, 2007 at 7:24 am
Great vid
Is there any way of converting from the cookie the password to plain text??
Cheers
November 20th, 2007 at 3:02 pm
Well it is possible… The cookie password in wordpress is the md5 hash of the md5 hash of your password, so it would be very hard to crack.
January 30th, 2008 at 2:55 pm
So you mean that basically they are hashed 2 times??? That’s wild. I have always wondered what algorithm most cookies were encoded with, MySpace, Hotmail, etc. I have always tried to use cain or mdcrack to decode my own cookies just for the hell of it and never could. That is probably why LOL
April 14th, 2008 at 4:55 pm
I need help using t35 and uploading the cookie catcher, someone please help
November 29th, 2008 at 9:56 pm
Hey Patchy, really nice video…
But do you have any ideas why reinjecting a stolen cookie doesn’t work? I mean, the website doesn’t identify me at all, and if I try to reinject my own cookie (grabbed from the same computer I signed in) it works?
December 1st, 2008 at 10:53 am
Wait, so why aren't there any programs for cracking passwords that will do the double encryption for you? It's the same process as a normal brute force or dictionary attack? It just has to encrypt it twice? Or am I getting the process wrong?
ex: first word in dictionary is “apple” so all the computer has to do is:
apple
–hash to md5–
1f3870be274f6c49b3e31a0c6728957f
–hash to md5 again–
ae6d32585ecc4d33cb8cd68a047d8434
–compares ^ to extracted hash–
December 1st, 2008 at 2:53 pm
@Scotted: Most likely the cookies are based on the user’s IP Address. In that situation you are better off trying the XSS Tunnel attack.
@Hackncrack: That is a great question. That feature should definitely be added to password crackers!
December 3rd, 2008 at 12:54 am
This is what I thought too, until I tried to reinject my own cookie from another computer in my network with the same IP address and the website still does not recognize me
December 8th, 2008 at 2:36 am
A BIG THANKS TO PATCHY !!!! THANK YOU A MILLION TIMES, it has worked and now I am able to sleep
January 1st, 2009 at 8:02 am
Sup dude… I contacted you on YouTube… but I need some help over here… can you give me the cookie catcher PHP file dude??? Plz… cuz I get an error on line 4….
I mean the original file!!
January 1st, 2009 at 5:37 pm
http://infinityexists.com/downloads/cookie