HTML INJECTION Basic Guide For beginners !!
⭕🔱🇰🇦🇱🇮™🔱⭕What is HTML Injection?
The essence of this type of injection attack is injecting HTML code through the vulnerable parts of the website. The Malicious user sends HTML code through any vulnerable field with a purpose to change the website’s design or any information, that is displayed to the user.
Types of HTML Injection
This attack does not seem to be very difficult to understand or to perform, as HTML is considered as a quite simple language. However, there are different ways to perform this type of attack. We can also distinguish different types of this injection.
However, the main types are:
- Stored HTML Injection
- Reflected HTML Injection
#1) Stored HTML Injection:
The main difference between those two injection types is that stored injection attack occurs when malicious HTML code is saved in the web server and is being executed every time when the user calls an appropriate functionality.However, in the reflected injection attack case, malicious HTML code is not being permanently stored on the webserver. Reflected Injection occurs when the website immediately responds to the malicious input.
#2) Reflected HTML Injection:
This can be again divided into more types:
- Reflected GET
- Reflected POST
- Reflected URL
Reflected Injection attack can be performed differently according to the HTTP methods i.e, GET and POST. I would remind, that with POST method data is being sent and with GET method data is being requested.
To know, which method is used for appropriate website’s elements, we can check the source of the page.
For Example, a tester can check the source code for the login form and find what method is being used for it. Then appropriate HTML Injection method can be selected accordingly.
Reflected GET Injection occurs, when our input is being displayed (reflected) on the website. Suppose, we have a simple page with a search form, which is vulnerable to this attack. Then if we would type any HTML code, it will appear on our website and at the same time, it will be injected into the HTML document.
Reflected POST HTML Injection is a little bit more difficult. It occurs when a malicious HTML code is being sent instead of correct POST method parameters.
Reflected URL happens, when HTML code is being sent through the website URL, displayed in the website and at the same time injected to the website’s HTML document.
💐HTML 5 CHEATSHEET 💐
🔥How to Prevent HTML Injection?🔥
There are no doubts, that the main reason for this attack is the developer’s inattention and lack of knowledge. This type of injection attack occurs when the input and output are not properly validated. Therefore the main rule to prevent HTML attack is appropriate data validation.
Every input should be checked if it contains any script code or any HTML code. Usually it is being checked, if the code contains any special script or HTML brackets – <script></script>, <html></html>.
HTML Tag
An HTML tag label pieces of content, such as “heading”, “paragraph”, “form”, and so on. They are the element names surrounded by angle brackets and are of two types – the “start tag” also known as opening tag and the “end tag” referred to as the closing one. Browsers do not display these HTML tags but utilize them to grab up the content of the webpage.
HTML Attributes
In order to provide some extra information to the elements, we use attributes, they reside inside the start tag and comes in “name/value” pairs, such that the attribute name follows up with an “equal-to sign” and the attribute value is enclosed with the “quotation marks”.
1
<a href = "http://itsmekali.in">Its_me Kali</a>
Here the “href” is the “attribute value”.
How to Test Against HTML Injection?
When starting to test against possible injection attack, a tester should firstly list out all the potentially vulnerable parts of the website.
I would remind, that it may be:
- All data input fields
- Website’s link
Then manual tests could be performed.
When testing manually if an HTML Injection is possible, then simple HTML code could be entered – For Example, to check if the text would be displayed. There is no point to test with a very complicated HTML code, simple code may be enough to check if it is being displayed.
For Example, it may be simple tags with text:
<h1>HTML Injection testing</h1>
or search form code, if you would like to test with something more complicated
<form method="post" action="index.html"> <p><input type="text" name="search" value="" placeholder="Search text"></p> <p class="search_text"> <label> <input type="checkbox" name="search_text" id="search_text">
Type text to search
</label> </p> <p class="submit"><input type="submit" name="commit" value="Search"></p> </form>
If an HTML code being saved somewhere is displayed, then the tester can be sure, that this injection attack is possible. Then a more complicated code may be tried – for Example, to display the fake login form.
💐Regards=@its_me_kali
إرسال تعليق