1
00:00:00,090 --> 00:00:01,290
All right, welcome back, everyone.

2
00:00:01,500 --> 00:00:08,790
This session is about stored XSS, a second stored XSS attack, and this is going to be pretty

3
00:00:08,790 --> 00:00:09,090
quick.

4
00:00:09,090 --> 00:00:13,130
I just want you to see how this works in real life.

5
00:00:14,310 --> 00:00:21,270
So it mostly works on a forum or on a blog site where you have comment options.

6
00:00:22,050 --> 00:00:27,560
So you might have seen that on many blogs where there is a comment option enabled.

7
00:00:27,570 --> 00:00:27,900
Right.

8
00:00:28,200 --> 00:00:37,380
So that's where, if the site allows anybody to submit comments along with a script as

9
00:00:37,380 --> 00:00:46,080
well, and if the sanitisation is not happening in the outbound direction,

10
00:00:46,530 --> 00:00:55,080
then every new user, every user after that, will be getting the script back to them.

11
00:00:55,320 --> 00:00:55,670
All right.

12
00:00:55,680 --> 00:01:01,690
So let me show you with bWAPP itself; we'll be going to our machine for this.

13
00:01:03,300 --> 00:01:03,680
All right.

14
00:01:03,690 --> 00:01:04,890
So this is where it is.

15
00:01:05,250 --> 00:01:12,750
We'll be logging in to the OWASP BWA and be logging in to bWAPP.

16
00:01:13,200 --> 00:01:25,770
That's going to be back when the field and the test, let's get the Cross-Site Scripting - Stored (Blog).

17
00:01:25,980 --> 00:01:27,910
OK, let's start over hanging.

18
00:01:28,050 --> 00:01:31,370
You see, something has been posted.

19
00:01:31,380 --> 00:01:42,690
Let's say I post something, maybe a script along with it, along with your blog comment or anything I

20
00:01:42,690 --> 00:01:43,620
can mention.

21
00:01:44,410 --> 00:01:45,380
There's a lot.

22
00:01:49,680 --> 00:01:50,170
Hello.

23
00:01:51,570 --> 00:02:00,480
So let's say I tested some of those amateurs, I've been hacked and let's say it's a new user, I probably

24
00:02:00,780 --> 00:02:02,010
will refresh the page.

25
00:02:02,220 --> 00:02:03,910
You know, it'll still be there.

26
00:02:04,080 --> 00:02:05,520
That's why it is persistent.

27
00:02:06,000 --> 00:02:08,340
Let me refresh the page.

28
00:02:09,000 --> 00:02:09,690
You see this?

29
00:02:12,180 --> 00:02:15,370
You have been hacked and have a message.

30
00:02:15,720 --> 00:02:18,490
So all the doors will be loaded.

31
00:02:18,510 --> 00:02:23,990
There were two already present JavaScript, which was you have been hacked.

32
00:02:24,330 --> 00:02:25,680
I just added hello.

33
00:02:25,920 --> 00:02:30,910
And if you keep adding more and more JavaScript, it will keep giving it back to you as well.

34
00:02:31,590 --> 00:02:37,890
So the condition for this kind of attack to work is the site has to be compromised.

35
00:02:38,250 --> 00:02:42,000
The site has to be infected with the stored XSS.

36
00:02:42,510 --> 00:02:50,820
That means if somebody, any hacker, is allowed, or anybody is allowed, to post JavaScript.

37
00:02:51,390 --> 00:02:54,180
So in that case, the website is allowing.

38
00:02:54,180 --> 00:02:57,620
This website is accepting this script.

39
00:02:57,630 --> 00:03:02,820
That's the first problem, and giving it back to all the users, that's the second problem.

40
00:03:03,040 --> 00:03:10,760
OK, so if that's the website we see, that means all the following users who are coming after the compromise

41
00:03:10,770 --> 00:03:13,160
mission will be getting compromised.

42
00:03:13,350 --> 00:03:16,800
By this attack, and that's why it is so severe.

43
00:03:16,830 --> 00:03:17,210
All right.

44
00:03:17,490 --> 00:03:19,050
I hope you got the idea with this.

45
00:03:19,050 --> 00:03:21,060
We'll get you in the next mission.

46
00:03:21,300 --> 00:03:21,690
Thank you.