XSS - Stealing from Auto complete: JS for Pentesters task 12 write up
Write-up for task 12 of the JS for Pentesters series by SecurityTube - Stealing Autocomplete
Stealing from AutoComplete? That was the reaction that came to my mind when I went through this challenge. People often save their username:password combinations in the browser so that they don't have to type them again the next time they log in. But if the web application the user logs in to is vulnerable to XSS, this habit becomes dangerous!
JS for Pentesters task 12
Once you get to the challenge page, enter a random username:password combination and click sign in. When the browser asks whether you want to save the password, choose to remember it. The next time we visit the page, the browser will fill in the username and password fields for us automatically. Let us see how this information can be stolen:
What we basically want to do here is submit this form automatically, without user intervention, to an attacker server. We also need to modify the form's submit action so that it points to our server instead of the original server. So the payload looks like this:
Here we use the .submit() function, which submits the form automatically.
We cannot use an event handler (which might seem usable as well), because .submit() submits the form programmatically rather than through the user clicking on it, so the event handler won't be invoked.
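A defensive counterpart to the form-retargeting step described above, as an added example that is not part of the original write-up: a simplified JavaScript model of the CSP form-action check, showing that default-src alone does not restrict where a form may submit. The function names and host names are constructed for illustration.

```javascript
// Added example (not from the original write-up): a simplified model of how a
// browser evaluates the CSP `form-action` directive before a form submission.
// Supported sources here: 'none', 'self', and exact origins (assumption: no
// wildcards or scheme-only sources, which real CSP also allows).

// Extract the source list of one directive from a CSP header value, or null if absent.
function getDirective(policy, name) {
  for (const part of policy.split(";")) {
    const tokens = part.trim().split(/\s+/);
    if (tokens[0].toLowerCase() === name) return tokens.slice(1);
  }
  return null;
}

// Return true if submitting a form with this `action` attribute is permitted.
function formActionAllowed(policy, actionAttr, pageUrl) {
  const sources = getDirective(policy, "form-action");
  // form-action has no fallback to default-src: if absent, nothing is restricted.
  if (sources === null) return true;
  const page = new URL(pageUrl);
  const target = new URL(actionAttr, page); // resolves relative actions like a browser
  return sources.some((src) => {
    if (src === "'none'") return false;
    if (src === "'self'") return target.origin === page.origin;
    try {
      return new URL(src).origin === target.origin; // exact-origin source
    } catch {
      return false; // source syntax not covered by this simplified model
    }
  });
}

// Constructed sample values (hypothetical hosts on the reserved .example TLD).
const PAGE = "https://app.example/login";
const samples = [
  ["default-src 'self'", "https://collector.example/c"],
  ["default-src 'self'; form-action 'self'", "https://collector.example/c"],
  ["default-src 'self'; form-action 'self'", "/session"],
];
for (const [policy, action] of samples) {
  console.log(policy, "|", action, "|", formActionAllowed(policy, action, PAGE));
}
```

form-action only constrains the submission target; the XSS flaw that lets the script run still has to be fixed.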
2) The solutions written above are the way we cracked the problem, which might be different from the solution videos provided by SecurityTube. If you need the solution video, you have to subscribe to PentesterAcademy.
We hope that you really liked this challenge. If there is anything you didn't understand or want more clarity on, please leave a comment below and we will be more than happy to help. Also, if you find a better way of solving the challenge, please share it with us; we are happy to learn from our readers too. Happy pentesting.