Have fun with stored cross-site scripting

We can actually do lots of different things with XSS, though we always just pop up a message! Anyway, that's enough for a proof of concept, rather than doing something more practical.

Here, I'm going to show you how to exploit a cross-site scripting vulnerability successfully using another social networking service. In the end, if someone views my profile, he automatically becomes my follower.


I noticed that line 154 is vulnerable after a common XSS test. There wasn't any filter on this input, because the web application guides you to use previously defined locations. But we can use JavaScript too 🙂
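From the defender's side, the gap described above is that the "previously defined locations" were only suggested by the UI and never enforced on the server. The following is an added example, not code from the affected site: it checks the submitted value against an allow-list on write and HTML-escapes it on output. The names KNOWN_LOCATIONS, normalizeLocation, escapeHtml and renderLocation and the sample locations are assumptions made for illustration.

```javascript
'use strict';

// Constructed sample of the predefined locations the UI offers (hypothetical values).
const KNOWN_LOCATIONS = new Map([
  ['north district', 'North District'],
  ['harbour', 'Harbour'],
  ['old town', 'Old Town'],
]);

// Write path: accept only values that are on the predefined list.
// Returns the canonical name, or null when the input must be rejected.
function normalizeLocation(input) {
  if (typeof input !== 'string' || input.length > 64) return null;
  const key = input.normalize('NFKC').trim().toLowerCase();
  return KNOWN_LOCATIONS.get(key) ?? null;
}

const HTML_ESCAPES = {
  '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;',
};

// Encode the five characters that can break out of HTML text or a quoted attribute.
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Read path: escape whatever is stored, so rows saved before the
// allow-list existed are displayed as text and never parsed as markup.
function renderLocation(stored) {
  return `<span class="location">${escapeHtml(stored)}</span>`;
}

// Constructed inputs: one legitimate value and one markup-bearing value.
for (const submitted of [' Harbour ', '<script>alert(1)</script>']) {
  const accepted = normalizeLocation(submitted);
  console.log(JSON.stringify(submitted), '->',
    accepted === null ? 'rejected on write' : `stored as ${accepted}`);
  console.log('  rendered:', renderLocation(accepted ?? submitted));
}
```

Both controls are needed: the allow-list stops new markup from being stored, and the output encoding covers values that were stored before it was in place.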


When we actually click on the TRACK button, the web application handles our action using the trackButtonsearch1 identity. So I can use the JS click() event to click on it. But before that, I wanted to know more about how the web app really handles these things. I saw there is a cool external JS file called 'all.js'.


I opened it and pasted all the code into http://jsbeautifier.org to prepare it for reading! Then I found something interesting. See, they handle the TRACK/UNTRACK actions using jQuery.


And there were several more functions for handling various kinds of actions. Reading these files is not actually required to launch the attack, but it feels better! 😉

So this was my payload.

window.onload = function(){

I had to wrap the elementId in more ' marks because the website ignored a single ' mark. There are several more ways to click on a button in JS. I might have used jQuery, but I didn't because the developers hadn't used the original min.js file.

Hope you find something interesting in s-XSS.