Saturday, January 16, 2016

OAuth XSS (Write Up)

It's been a while since I have blogged.

Anyway, this is going to be a short post about executing an XSS.
I used this new trick to execute an XSS on big websites, and fortunately my XSS payload executed on those websites.

So first of all, what is OAuth?

For those who don't know: OAuth is an open standard for authorization. It is commonly used as a way for Internet users to log in to third-party websites with their Microsoft, Google, Facebook or Twitter accounts without handing their password to the third party. (Strictly speaking OAuth delegates access to an API; the "log in with X" flows are built on top of it.)

Games and apps on Facebook are a familiar example: they need your authorisation before they can use your account.

Developers register their application with the provider, supplying a redirect_uri among other details. When a user clicks "Authorise", the provider sends the user's browser back to that redirect_uri with an authorization code or access token attached, and the application can then access the user's profile within the granted scope (location, read/write access, ...).

The part that is vulnerable to XSS is redirect_uri. The authorization server is supposed to compare the redirect_uri in the authorization request with the registered value by simple string comparison (RFC 6749 section 3.1.2.3) and to accept only sensible schemes such as https at registration time. A provider that stores whatever the developer typed, or that only checks for a prefix, a substring or "contains http://" at request time, will send the user to a javascript: URI instead. Two details of the payload below are worth knowing: the trailing //http:// is there to satisfy checks that look for http:// somewhere in the value, and because // starts a JavaScript line comment, a payload of this shape needs a URL-encoded newline (%0A) between javascript:// and the script for the script to run. Whether it fires at all also depends on how the provider performs the redirect: browsers ignore a javascript: URL in an HTTP Location header, so the payload executes when the consent page assigns redirect_uri to window.location or renders it into a link or form action.

I insert my XSS payload in redirect_uri. When I click the "Authorise" button, I am automatically redirected to the payload, i.e. javascript://alert(0);//http://.
And boom, the XSS executes.
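To make the server-side difference concrete, here is an added example that is not code from this write-up or from any real OAuth provider. It puts a lax redirect_uri check, which lets the payload quoted above through (and also allows a plain open redirect by prefix match), next to the exact-match check RFC 6749 asks for. The client IDs, the callback URLs and the hostname app.example are constructed sample data.

```javascript
// Added example for this post, not code from the original write-up or from
// any real OAuth provider. It contrasts a lax redirect_uri check, which lets
// the post's javascript: payload through, with the exact-match check that
// RFC 6749 asks for. Client IDs, URIs and the hostname app.example are
// constructed sample data.

const XSS_PAYLOAD = "javascript://alert(0);//http://"; // payload quoted in the post

// In-memory registry standing in for the provider's client database.
const clients = new Map();

// Lax registration: stores whatever the developer typed, so an attacker can
// register a javascript: URI for their own application.
function registerClientLax(clientId, redirectUris) {
  clients.set(clientId, { redirectUris: [...redirectUris] });
  return true;
}

// Hardened registration: every redirect_uri must parse, use https and carry
// no fragment. (Loopback http for native apps is deliberately left out.)
function registerClientStrict(clientId, redirectUris) {
  for (const uri of redirectUris) {
    let parsed;
    try { parsed = new URL(uri); } catch { return false; }
    if (parsed.protocol !== "https:" || parsed.hash !== "") return false;
  }
  clients.set(clientId, { redirectUris: [...redirectUris] });
  return true;
}

// Lax request-time check: a prefix match, or "it mentions http:// somewhere".
// The trailing //http:// in the payload exists to satisfy this kind of test.
function redirectAllowedLax(clientId, requested) {
  const client = clients.get(clientId);
  if (!client) return false;
  const prefixMatch = client.redirectUris.some((u) => requested.startsWith(u));
  return prefixMatch || /https?:\/\//.test(requested);
}

// Strict request-time check: only https, and a simple string comparison with
// a registered value (RFC 6749 section 3.1.2.3), so prefix, path-traversal
// and extra-query variants are rejected along with other schemes.
function redirectAllowedStrict(clientId, requested) {
  const client = clients.get(clientId);
  if (!client) return false;
  let parsed;
  try { parsed = new URL(requested); } catch { return false; }
  if (parsed.protocol !== "https:") return false;
  return client.redirectUris.includes(requested);
}

// What the "Authorise" button does server-side: append the code and redirect,
// or refuse. RFC 6749 section 4.1.2.1 says an invalid redirect_uri must be
// reported to the user, never redirected to.
function authorize(clientId, requested, code, allowed) {
  if (!allowed(clientId, requested)) return { status: 400, location: null };
  const sep = requested.includes("?") ? "&" : "?";
  return { status: 302, location: `${requested}${sep}code=${encodeURIComponent(code)}` };
}

// Demonstration: the attacker registers the payload as their own app's callback.
registerClientLax("attacker-app", [XSS_PAYLOAD]);
registerClientStrict("honest-app", ["https://app.example/oauth/callback"]);
console.log("lax:   ", authorize("attacker-app", XSS_PAYLOAD, "c0de", redirectAllowedLax));
console.log("strict:", authorize("attacker-app", XSS_PAYLOAD, "c0de", redirectAllowedStrict));
console.log("strict registration of the payload accepted?",
  registerClientStrict("attacker-app-2", [XSS_PAYLOAD]));
```

Run it with node. The lax path answers 302 with a Location of javascript://alert(0);//http://?code=c0de, the strict path answers 400 without redirecting, and strict registration refuses the payload up front. The same strict comparison also rejects https://app.example/oauth/callback.evil.com/x, which the prefix check waves through as an open redirect. This only covers the server side: as noted above, a javascript: Location header is ignored by browsers, so the script actually runs when the provider does the redirect client-side.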

I used this trick on some websites and was able to execute my script.



To know more about open redirects in OAuth, click here.
