Hacking is big. There are many things to hack and infinite ways to do it, and each way branches into smaller and smaller paths.
For instance, to enter a restricted area you might impersonate an authorized person, break down the door, steal the keys and use them, go in at night or on weekends when security is not as tight, dig a tunnel, or drop in from an airplane. You can use some of those methods, none of them, or all of them.
Personally, if I wanted to break into a highly restricted area, I would cut the electricity and impersonate an electrician. Legally, of course, as a penetration tester and social engineer carrying a "get out of jail free card" (the signed authorization letter), but that is not my job anyway.
XSS is hated. And there is a reason for this: it is one way to break into organizations, and while they deploy all kinds of protections, it is never enough. They have to reward the hackers who find and report it through bug bounty programs, and although this vulnerability ranges from low to critical severity for a business, some organizations treat every XSS as medium severity anyway. To pay the hackers less, maybe?
XSS is hard. Hackers spend a lot of time finding, exploiting, and reporting it, and the hard part is the exploitation: turning an alert box into real impact. Compared to other types of vulnerabilities, though, XSS is widespread and easier to exploit; basic knowledge of JavaScript is enough to get started.
XSS can destroy the earth. A stored XSS can sometimes behave like COVID-19: when someone sees it, they get infected, and then all their friends and friends of friends do too. It all comes down to how someone actually exploits it. A regular, average, boring blackhat would mostly share their crypto wallet address and ask for donations for whatever reason.
For instance, if a stored XSS is found in Facebook posts, the blackhat would write a post like this: "Hi, I have donated to organization X and you should! [crypto wallet address] Donate now!" and inject a hidden XSS payload script that re-posts the same content from the account of whoever views the post. It acts as a worm.
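To make the worm mechanics concrete, here is an added toy model (example code written for this post, not Samy's code or any real site's). It has no DOM and no network: a fake "site" holds posts, a fake "browser" runs any inline script it finds in the rendered HTML, and the payload re-posts itself once per viewer. The `site`, `viewer`, and `createPost` names are this toy's own assumptions. The same feed is rendered twice, once with user content dropped in raw (innerHTML-style) and once HTML-escaped, to show that the stored payload is harmless when output is encoded.

```javascript
// Added example, not code from the original post. A toy model (no real site, no DOM)
// of how one stored XSS post becomes a worm, and how escaping on output stops it.

// The payload: a post whose body carries a <script> that re-posts the same body
// as the viewer, once per viewer (a real worm also avoids re-infecting the same
// account). `site`, `viewer` and `createPost` are this toy's API, not a real one.
const WORM_BODY =
  'Hi, I have donated to organization X and you should! Donate now!' +
  '<script>if(!viewer.posted){viewer.posted=true;' +
  'site.createPost(viewer.name,site.currentPost.body)}</script>';

// Minimal HTML entity encoding for text placed into an HTML element body.
function htmlEscape(s) {
  return s.replace(/&/g, '&amp;').replace(/</g, '&lt;').replace(/>/g, '&gt;')
          .replace(/"/g, '&quot;').replace(/'/g, '&#39;');
}

// Vulnerable renderer: user content dropped into the page as raw HTML.
function renderUnsafe(body) { return `<div class="post">${body}</div>`; }
// Hardened renderer: user content is escaped, so tags become inert text.
function renderSafe(body) { return `<div class="post">${htmlEscape(body)}</div>`; }

// A stand-in for the browser: finds inline <script> blocks in the rendered HTML
// and runs them with access to the site API, as a real browser would run them
// against the real site's API with the viewer's session.
function browse(html, site, viewer) {
  const re = /<script>([\s\S]*?)<\/script>/g;
  let m;
  while ((m = re.exec(html)) !== null) {
    new Function('site', 'viewer', m[1])(site, viewer);
  }
}

// Simulate `userCount` users each viewing the whole feed once per round.
// Returns the number of posts carrying the payload after each round.
function simulateWorm(render, userCount, rounds) {
  const site = {
    posts: [{ author: 'attacker', body: WORM_BODY }],
    currentPost: null,
    createPost(author, body) { this.posts.push({ author, body }); },
  };
  const users = Array.from({ length: userCount }, (_, i) => ({ name: `user${i}`, posted: false }));
  const infected = () => site.posts.filter(p => p.body.includes('<script>')).length;
  const history = [];
  for (let r = 0; r < rounds; r++) {
    for (const viewer of users) {
      // A viewer sees the feed as it was when their page loaded.
      for (const post of site.posts.slice()) {
        site.currentPost = post;
        browse(render(post.body), site, viewer);
      }
    }
    history.push(infected());
  }
  return history;
}

// With raw rendering every viewer becomes a carrier: 3 users -> 4 infected posts.
console.log('unsafe:', simulateWorm(renderUnsafe, 3, 2));
// With escaped output the attacker's post stays the only one: [1, 1].
console.log('safe:  ', simulateWorm(renderSafe, 3, 2));
```

The stored body is identical in both runs; nothing about the payload changes. What changes is the rendering step, which is why the fix for stored XSS is contextual output encoding (plus a Content Security Policy that blocks inline scripts as defense in depth), not trying to sanitize the input when it is saved.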
Me, personally, if I were a blackhat, I would auto-unblock everyone the victim had blocked and send them "I am sorry" messages.
Have you ever heard about Samy? He is a hacker who exploited a stored XSS in MySpace and used it as a worm; with a few lines of code he reached over a million users in under a day. I thank my God it wasn't me.
This is not everything. XSS can change the whole style of a web page: it can turn the background black, write whatever content it wants on the page, and steal data such as session cookies and form input.
This will never be everything. Have you ever heard about universal XSS and server-side XSS and what they are capable of? Well, maybe that will be a story for another day!
Follow me on Twitter @0x21SAFE and on Medium!