1
00:00:01,570 --> 00:00:01,870
OK.

2
00:00:01,910 --> 00:00:04,280
Now let's have a look at an XSS

3
00:00:04,280 --> 00:00:08,610
example. Now, stored XSS is very similar to a reflected one.

4
00:00:08,860 --> 00:00:13,060
It allows you to inject JavaScript code into the browser.

5
00:00:13,070 --> 00:00:16,330
The code is executed on the people that visit the page.

6
00:00:16,340 --> 00:00:19,240
The only difference is, with the reflected,

7
00:00:19,250 --> 00:00:21,590
you have to send the URL to your target.

8
00:00:21,770 --> 00:00:28,690
So the target had to actually click on a new URL for the exploit to run, or for the code to run, and with

9
00:00:29,650 --> 00:00:35,290
stored XSS, the code will actually be stored into a database or into the page.

10
00:00:35,380 --> 00:00:41,510
So every time any person runs that page, they will see your code and your code will be executed.

11
00:00:41,530 --> 00:00:48,160
So you won't need to interact with any users or send them anything; therefore this could be much more dangerous

12
00:00:48,400 --> 00:00:52,150
than reflected XSS. So let's have a look at this.

13
00:00:52,140 --> 00:00:59,160
Now I clicked on XSS stored here on the left, and you have this page, and this page just allows

14
00:00:59,160 --> 00:01:02,910
you to add a message to the system.

15
00:01:02,910 --> 00:01:10,190
So I'm going to put my name as Zaid. We're just gonna do a normal test first, and we're gonna put a message

16
00:01:10,400 --> 00:01:17,870
body here, for example, and then I'm going to sign the guest book, and you can see that Zaid added a message

17
00:01:18,470 --> 00:01:19,980
called message body.

18
00:01:20,060 --> 00:01:25,460
So if we go here, to another machine.

19
00:01:25,500 --> 00:01:28,090
So this is a different machine to a different place.

20
00:01:28,200 --> 00:01:33,360
And if we go into XSS stored, we can see that there's two entries, so the entries are being loaded

21
00:01:33,360 --> 00:01:38,390
from the database, and they contain the entries in that database.

22
00:01:38,400 --> 00:01:44,910
So if we manage to inject code in here, then for any person who runs this page, the code will run without

23
00:01:44,910 --> 00:01:47,940
even having to send that person anything.

24
00:01:47,940 --> 00:01:55,180
So let's try to inject stuff here. So let's put my name as Zaid, and I'm going to try to put my code in here.

25
00:01:55,190 --> 00:01:59,460
So I'm going to try to inject into the message. I'm going to call it a script.

26
00:01:59,660 --> 00:02:04,310
I'm going to use the exact same code, test code, that we used in the previous video, just a message saying

27
00:02:04,310 --> 00:02:12,260
XSS. Again, very basic code, but it serves for the purposes of this video, and we're going to say

28
00:02:12,260 --> 00:02:12,820
alert

29
00:02:15,950 --> 00:02:20,340
XSS, and I'm going to try to sign the guest book.

30
00:02:20,340 --> 00:02:23,310
And as we can see now, I got the XSS here.

31
00:02:23,310 --> 00:02:26,460
But the real magic happens when a normal person.

32
00:02:26,460 --> 00:02:31,920
So let's just go home first, and let's assume this is just the normal website and people just are coming

33
00:02:31,920 --> 00:02:37,560
and browsing it, and once they're going to go to the guest book, JavaScript code will be executed on their

34
00:02:37,560 --> 00:02:39,300
system from that website.

35
00:02:39,420 --> 00:02:45,450
So the code is coming from that website and is going to be executed on every person that visits this

36
00:02:45,450 --> 00:02:48,610
page. Again,

37
00:02:48,720 --> 00:02:54,540
we're just showing a proof of concept here. In future videos we'll show how to further exploit this kind

38
00:02:54,540 --> 00:02:55,340
of vulnerability.