Hello everyone,
recently I learned some web page hacking and it went well. The tutorial covered SQL injection, brute forcing, file inclue / upload vulnerabilities and other stuff. Everything went well, however I still have a huge question mark on cross-site scripting.

What can you do with this kind of vulnerability ?

I mean, I understand you could add javascript for example, but it runs only locally. I don't really see the point on adding javascript code that would run only on your computer. And if you manage to get someone else to click on a malicious link, wouldn't it be better to just craft a website exactly for your needs ? I'm sure there's a very obvious use but I can't see it.

Please enlight me =)

Good resources A good example of XSS recently I was working for client that had XSS on their site. When I told them they wanted me to prove it so I crafted a attack sent them a link and managed to steal their cookies from this I was able to log into the admin page and have access to all their customer details.

The big question I have is this: If you could get them them to click on a link, couldn't you make them go on ANY page of your choice that would steal their cookies ?

I haven't read xXxKrisxXx's pages yet but I'll make sure to do, they seem very informative on the subject and will probably help me understand better.

Thank you.

A large reason you might want to use a site with XSS instead of pointing someone to another malicious site pertains to trust. In other words, someone will be more likely to click on a link in an email that points to "trusted-site.com" that goes to a site that is vulnerable to reflective or persistent XSS versus clicking on "evil-site.com"

** It looks like lorddicranius beat me to the punch