Exploiting XSS with BeEF: Part 1

Part 1

BeEF is an XSS-exploiting framework that lets you "hook" or gain control of victim web browsers. In this part of XSS exploitation, we will be working on finding an XSS-vulnerable website. We can simply do this by Google Dorking.

How It Works

XSS is caused when a website "reflects" code back to the user because it didn't recognize the code as something to run in the browser. These can b done by GET or POST HTTP requests.

Step 1: Find the Website

You can find websites with potential vulnerabilities by using inurl:.com:search.asp. This searches for all websites with a .com TLD and a search.asp page. It doesn't have to be .com, but those kind of websites are more likely to be vulnerable than a .gov website, right? Here is something similar to what you should see (for privacy reasons, I covered the names):

Step 2: Check to See if It's Vulnerable

Next, open that webpage and search using an simple script. It would look like <script>alert("lorem ipsum");</script>. If the webpage is secured, you will see this:

But if it is vulnerable to XSS, you will get a little pop-up:

This is caused because the website doesn't sanitize your search. There are various other tests, but this is the simplest and easiest way.


Now you know just how easy it is to find an XSS-vulnerable website. In the next tutorial, we will discuss how to exploit these vulnerabilities further with BeEF.

C|H of C3

Just updated your iPhone? You'll find new features for Podcasts, News, Books, and TV, as well as important security improvements and fresh wallpapers. Find out what's new and changed on your iPhone with the iOS 17.5 update.

Be the First to Comment

Share Your Thoughts

  • Hot
  • Latest