Stored Html Injection

-

What is  Html Injection ?

HTML Injection, also known as cross-site scripting (XSS), is a web vulnerability where an attacker injects malicious HTML or script code into a web application's input fields, URLs, or other user-controlled data. When the application does not properly sanitize or validate this input, it is displayed on web pages without proper encoding or filtering. As a result, unsuspecting users who view the affected pages may have the injected code executed by their browsers, leading to client-side attacks, data theft, session hijacking, or other malicious activities. Proper input validation and output encoding are crucial to mitigate the risk of HTML Injection vulnerabilities.

What is Stored Html Injection ?

Stored HTML Injection, also known as persistent or stored cross-site scripting (XSS), is a web vulnerability where an attacker injects malicious HTML or script code into a web application's database or storage. This injected code is then permanently stored and later displayed to other users accessing the affected pages. When unsuspecting users view the page, their browsers execute the injected code, potentially leading to client-side attacks, data theft, or other malicious activities. Stored HTML Injection poses a significant security risk and requires proper mitigation to prevent exploitation.

When a user accesses a page or data that contains the stored malicious code, the injected script or HTML can execute within their browser, leading to various security risks. These risks may include cookie theft, session hijacking, defacement of the website, phishing attacks, or even the installation of malware on the victim's system.

In This Article ?

  • What is Html Injection
  • What is Stored Html injection
  • Stored Html Injection Impact
  • Stored Html Injection Mitigation
  • How to Test
  • How to Reporting

How to Find ?

STEP #1: Go to any website create an account and Login.


STEP #2: Click the edit address option now paste the payload in address bar and save it.
payload : <img src="https://sanjeetmishra.com/SanjPromopic/WhatsApp%20Image%202023-05-03%20at%207.56.39%20AM.jpeg" alt="Girl in a jacket">


STEP #3: Now HTML payload is working because this input place is vulnerable to HTML Injection.


Impact :

The injected HTML or JavaScript code can execute within the victim's browser, leading to various malicious actions. This can include stealing sensitive user information, such as login credentials or personal data, manipulating website content, redirecting users to phishing websites, or delivering malware to their systems.

 Injected HTML code can be used to create convincing phishing forms or pages that trick users into entering their sensitive information, such as usernames, passwords, or credit card details. This information can then be harvested by the attacker for malicious purposes.

A successful stored HTML injection attack can damage the reputation of the affected website or application. Users may lose trust in the platform's security, resulting in a decline in user engagement, customer loyalty, and potentially financial losses for the organization.

It is crucial to address stored HTML injection vulnerabilities promptly to mitigate these impacts and protect the security and integrity of web applications and their users.

Mitigation :
Implement strict input validation mechanisms to ensure that user-generated content is properly validated and sanitized before being stored in the application's database or storage. Use input validation techniques such as whitelisting, blacklisting, and regular expressions to filter out potentially malicious HTML or script tags.

Employ a WAF as an additional layer of defense. A WAF can help detect and block attempts to exploit stored HTML injection vulnerabilities by analyzing incoming requests and responses, filtering out malicious code, and providing virtual patching for known vulnerabilities.

By implementing these mitigation techniques, organizations can significantly reduce the risk of stored HTML injection vulnerabilities and enhance the security posture of their web applications. It is important to adopt a proactive approach to security and prioritize ongoing monitoring, testing, and maintenance to stay ahead of evolving threats.

How To Report ?

Hello Team
                  I'm  Career Technology Cyber Security India a white security researcher from Mumbai INDIA, founded Vulnerability on your website: https://www.exmple.com

Vulnerability Name :  Stored Html Injection

Description: 
A "stored HTML" attack also known as "Persistence" occurs when a malicious script is injected into a web application and then permanently stored inside the application server. The application server then dumps the malicious script back out to the user when the user accesses the injected webpage.

Username : (login gmail)
Password : (login password)

Vulnerable URL : https://www.exmple/store/en/customer/address/edit/id/

Steps to reproduce ?
1.Visit on your website: https://www.exmple/en
2.Create an account & login open your profile
3. Click the edit address option
4. Then paste the payload in street Address option and save it
payload : 
<img src="https://sanjeetmishra.com/SanjPromopic/WhatsApp%20Image%202023-05-03%20at%207.56.39%20AM.jpeg" alt="Girl in a jacket">
5.now you can your street address place is vulnerable to stored html injection.
6.Please check the POC (Video) For More Information's .

Impact:
The impact of stored HTML injection includes client-side attacks, data theft, web page defacement, content manipulation, and potential compromise of user accounts or sensitive information.

Mitigation :
To mitigate stored HTML injection, implement input validation and output encoding techniques to sanitize user-generated content. Utilize proper input validation to filter out potentially malicious input, and apply output encoding to properly encode user-supplied data when displaying it on web pages. Additionally, consider implementing a Content Security Policy (CSP) to restrict the execution of untrusted scripts and mitigate the impact of injected code.

POC: Video & Screenshot

for more details you can ping me on mail

Thanks & Regard,
Career Technology Cyber Security India
Indian Bug Hunter

Comments

Post a Comment

Popular posts from this blog

CAREER TECHNOLOGY CYBER SECURITY INDIA PVT LTD.

-
Image
CAREER TECHNOLOGY CYBER SECURITY INDIA PVT  LTD. ISO 27001:2013, ISO 9001:2015 Certified  Company         INTERNATIONALLY AUTHORISED FOR CYBER FORENSICS, CYBER SECURITY, CYBER AUDIT TRAINING & EXAM CENTER BY MILE2 CYBER SECURITY United States First ATC of Mile 2 Cyber Security in Mumbai & MIRA-BHAYANDER / VASAI-VIRAR, Since JAN 2017. Offline as well as Online batches both are available. PG accommodation for students is available. Joi n   CAREER TECHNOLOGY CYBER SE CURITY INDIA  PVT LTD.   Today  To Start Your  Career In  Cyber Security. * OUR PROFESSIONAL DIPLOMA COURSES FOR  ALL  UNDERGRADUATE ,    GRADUATE ,  AND  WORKING PROFESSIONALS* __ ______________________________________________________________________ Why do you have to choose our institute? 1. Our Diploma is Authorised by the Indian Government as well as its full copyright & Trademark by ISO. IT will help you to add Extra Technical Skills in     Your Resume. Its Contains Full Practicals Knowledge from the In
Read more

Some Dark web Links

-
Image
Here are some of the Forum/Website to visit on dark web related to cybersecurity and hacking. Before visiting this website please follow the steps to be safe on the dark web/ Deepweb. Security Steps to be taken before opening the links: First of All, To browse these dark web forums, first close all active programs and applications in your computer then start Your NordVPN or any Paid and HQ VPN that have TOR service and select Onion Over VPN Server.  Now start Tor Browser and disable Javascript. In this way, you have created a completely secure and untraceable environment for you. If you think Tor Browser gives you full anonymity then you are wrong.  Only premium VPN services can provide you fully secure and untraceable environment. I have tried my hands on many premium VPN services, and I found NordVPN beats its competitor in all features. Disclaimer ⚠ : This info are shared for educational purpose only, neither the website nor creator hold any info or liable to any
Read more

Cyber Security Audits

-
Image
 Cyber Security Audits What is Cyber Security Audit?                 A cyber audit, at its core, refers to a systematic evaluation and assessment of an organization's information systems. This evaluation is designed to identify potential vulnerabilities, non-compliance with standards, and areas of improvement in both technology and processes, all with the aim of safeguarding digital assets against potential threats. Cyber audits delve deeply into the organization's technological infrastructure, scrutinizing hardware, software, networks, and even the practices and protocols that users and administrators follow. This in-depth review allows for a holistic understanding of the current cybersecurity posture of the entity and helps in crafting more robust and resilient digital environments. The rationale behind conducting a cyber audit often stems from both internal and external pressures. Internally, management recognizes the intrinsic value of their digital assets, understanding th
Read more