DVWA: Instructions for performing XSS Injection attack testing on DVWA Web server system

Overview

This article shows you how to perform an XSS Injection attack test on a Web server system containing DVWA vulnerabilities to understand more about the attack method and thereby draw solutions to overcome the attack

Damn Vulnerable Web Application (DVWA) is a PHP/MySQL source code application that bundles web application security logic errors in PHP source code. Logical errors when programming can be applied to all kinds of programming languages ​​to reduce the possibility of creating security holes from careless programming thinking. The main goal of DVWA is to create a legitimate hacking/pentest practice environment. Help web application developers understand more about safe and secure programming. Besides, DVWA also provides teachers/students with methods to learn and practice basic and advanced web application security attacks

Here I use the Sophos XGS firewall appliance

Diagram

How to configure

  • Install Web Server that contains vulnerabilities (here I use DVWA)
  • To install DVWA Server, see this article

Configure NAT for DVWA Web server using port 80 and try XSS Injection attack

  • Login to Sophos XGS firewall device with Admin account
  • Create Host for DVWA Web server -> Go to Hosts and services
  • Enter name for Server
  • In IP version: Choose IPv4
  • In Type: Choose IP
  • In IP address: Enter IP address of DVWA web server
  • Click Save
  • Got to Rules and policies -> Choose NAT rules tab -> Click Add NAT rule -> Choose Server access assistant (DNAT)
  • In Internal server IP address -> Choose Host web server DVWA that was created before -> Click Next
  • In Public IP address -> Choose network port with IP WAN that you want to public web server DVWA -> Click Next
  • In Services -> Choose HTTP and HTTPS service -> Click Next
  • In External source networks and devices -> Choose Any -> Click Next
  • Click Save and finish
  • Check access to web server DVWA
  • Perform XSS Injection to web server DVWA
  • Choose XSS (DOM)
  • When we select a language and press Select
  • Looking at the path bar we will see the results it returns on the path

http://172.16.31.84/dvwa/vulnerabilities/xss_d/?default=English

  • Here I will replace it with an XSS attack script

http://172.16.31.84/dvwa/vulnerabilities/xss_d/?default=<script>alert(document.cookie)</script>

  • We will see the session ID, the user’s cookie

Be the first to comment

Leave a Reply

Your email address will not be published.


*


This site uses Akismet to reduce spam. Learn how your comment data is processed.