SteVe - Cross-Site Scripting

By kannthu

Severity: Medium
Vidoc Module
Tags: #steve #xss #oss
Description

What is "SteVe - Cross-Site Scripting"?

The "SteVe - Cross-Site Scripting" module is designed to detect a cross-site scripting vulnerability in the SteVe software. This vulnerability allows an attacker to inject arbitrary scripts into the browser of an unsuspecting user, potentially compromising the security of the affected site. The severity of this vulnerability is classified as medium, with a CVSS score of 5.4.

This module was authored by clem9669.

Impact

A successful exploitation of the cross-site scripting vulnerability in SteVe can lead to various consequences, including:

- Execution of malicious scripts in the context of the affected site
- Potential theft of sensitive user information
- Manipulation of site content or functionality
- Possible spread of malware or phishing attacks

How does the module work?

The "SteVe - Cross-Site Scripting" module works by sending HTTP requests to the target site and applying matching conditions to identify the presence of the vulnerability. The module uses the following matching conditions:

- Check if the response body contains the string "<script>alert(document.domain)</script>/services/?stylesheet=1\">"
- Verify if the response header includes the string "text/html"
- Ensure that the response status code is 200

If all of these conditions are met, the module reports a vulnerability.

Here is an example of an HTTP request used by the module:

GET /steve/services/"%3E%3Cscript%3Ealert(document.domain)%3C/script%3E/services/ HTTP/1.1
Host: [target site]

Please note that the above example is for illustrative purposes only and may not represent the exact request used by the module.
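
The three matching conditions above, evaluated offline against constructed responses, as an added example that is not the module's own code. The render() page model, the sample headers and the reading of \" as an escaped double quote are assumptions made for illustration.

```python
import html
from urllib.parse import unquote

# Body marker from the page's first matching condition; the \" shown there is
# read as an escaped double quote (assumption).
MARKER = '<script>alert(document.domain)</script>/services/?stylesheet=1">'
# Request path from the page's example request.
PATH = '/steve/services/"%3E%3Cscript%3Ealert(document.domain)%3C/script%3E/services/'


def render(path, escape):
    """Constructed stand-in for a page that reflects the request path into an
    HTML attribute; not SteVe's real markup."""
    value = unquote(path)
    if escape:
        # Fix side: HTML-encode the reflected value, quotes included.
        value = html.escape(value, quote=True)
    return f'<html><head><link rel="stylesheet" href="{value}?stylesheet=1"></head></html>'


def matches(status, headers, body):
    """Apply the module's three conditions; all of them must hold."""
    header_text = "\n".join(f"{k}: {v}" for k, v in headers.items())
    return MARKER in body and "text/html" in header_text and status == 200


def evaluate_samples():
    """Run the matcher over four constructed responses."""
    html_type = {"Content-Type": "text/html;charset=UTF-8"}
    text_type = {"Content-Type": "text/plain"}
    raw, escaped = render(PATH, escape=False), render(PATH, escape=True)
    return {
        "reflected unescaped": matches(200, html_type, raw),
        "reflected escaped": matches(200, html_type, escaped),
        "served as text/plain": matches(200, text_type, raw),
        "error page (404)": matches(404, html_type, raw),
    }


if __name__ == "__main__":
    for name, hit in evaluate_samples().items():
        print(f"{name:22} -> {'report' if hit else 'no match'}")
```

Only the unescaped text/html response with status 200 is reported. HTML-encoding the reflected path removes the marker from the body, so a fixed page no longer matches.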

Module preview

Concurrent Requests (1)

1. HTTP Request template
GET /steve/services/"%3E.../services/"%3E%3Cscr...

Matching conditions (joined with "and"):
- word: <script>alert(document.domain)</script>/...
- word: text/html
- status: 200

Passive global matcher: No matching conditions.

On match action: Report vulnerability