Practical stored XSS Example using Burp Suite

From Embedded Lab Vienna for IoT & Security

Revision as of 10:02, 8 January 2023 by RHaidl (talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Jump to navigation Jump to search

Summary

This practical guide shows how to generate a stored XSS exploit using burp suite.

Requirements

Burp Suite
Visual Studio
GIT Project (https://github.com/Robert-Haidl/XSS_stored)

In order to complete these steps, you must have followed the readme [1] before.

Description

Setup

Download and run Burp Suite (https://portswigger.net/burp/communitydownload)
Clone GIT Project and run it locally using VisualStudios integrated IIS Express server.
Check if you can add blog entries

Step 1

Open Burp Suite, navigate to Proxy -> Intercept and make sure to turn Intercept on.

turn on intercept

References

https://portswigger.net/burp/documentation/desktop/penetration-testing

Retrieved from "https://wiki.elvis.science/index.php?title=Practical_stored_XSS_Example_using_Burp_Suite&oldid=10850"

Documentation