1
00:00:00,720 --> 00:00:07,750
Now it's time to increase the level of excess attack, so let's visit its GDP barometer pollution.

2
00:00:08,040 --> 00:00:14,880
Now, I hope you all know that XHTML and JavaScript are both end languages or claims of languages,

3
00:00:15,120 --> 00:00:20,340
which means if you run any script or code using these languages, then that would be executed on the

4
00:00:20,370 --> 00:00:22,340
claim side and not on the server side.

5
00:00:22,800 --> 00:00:23,130
Right.

6
00:00:23,430 --> 00:00:29,170
And your browser will execute HDMI in code and Esteemable already knows JavaScript.

7
00:00:29,560 --> 00:00:38,520
OK, now if you click on check and here in the library you will be able to see barometer's or BP is

8
00:00:38,520 --> 00:00:39,790
a parameter.

9
00:00:39,810 --> 00:00:42,480
OK, so let's try using.

10
00:00:42,480 --> 00:00:52,230
Hey, so it's not reflecting back directly, but if you visit The View page source and let me copy this.

11
00:00:55,620 --> 00:01:06,240
OK, so you'll be able to see the reason behind this, so your BP get barometer has a double quarter

12
00:01:06,240 --> 00:01:06,750
closing.

13
00:01:07,260 --> 00:01:12,150
OK, so that's the reason you will not able to see the reflection on your browser.

14
00:01:12,680 --> 00:01:17,460
OK, if you want your reflection to work, you have to use it.

15
00:01:17,470 --> 00:01:19,220
Something like this, OK?

16
00:01:19,470 --> 00:01:26,720
Which means you are first closing your eyes by using this function that will cause closing.

17
00:01:26,730 --> 00:01:32,880
You are closing your parameter completely and then you are passing or using your script.

18
00:01:33,460 --> 00:01:35,910
OK, so let's try this one.

19
00:01:37,410 --> 00:01:41,550
So let's switch back to our website, OK?

20
00:01:41,760 --> 00:01:45,740
And let's add this double code closing and hit enter.

21
00:01:46,020 --> 00:01:55,560
Now this time you will able to see, hey, OK, so this is the reason it's not reflecting back directly

22
00:01:55,560 --> 00:01:58,560
because it is closed by double code closing.

23
00:01:58,800 --> 00:01:59,150
Right.

24
00:01:59,580 --> 00:02:06,060
And if at any point of time you find that any of your parameter is using single code closing, then

25
00:02:06,060 --> 00:02:07,530
you have to work the same bit.

26
00:02:07,560 --> 00:02:10,940
You have to first close it and then you have to pass your script.

27
00:02:11,370 --> 00:02:11,650
Right.

28
00:02:11,970 --> 00:02:19,950
So if I try to run script here, OK, without using it, then it won't work.

29
00:02:20,820 --> 00:02:21,140
Right?

30
00:02:21,600 --> 00:02:24,560
So let me take the script.

31
00:02:26,430 --> 00:02:34,740
So let's script alert one, two, three, and then close it.

32
00:02:36,700 --> 00:02:37,450
Copy this.

33
00:02:39,720 --> 00:02:46,680
And let's try this on a live Web site, which is, again, would worldwide dot com, because I know

34
00:02:46,680 --> 00:02:48,550
this Web site is vulnerable to excesses.

35
00:02:49,140 --> 00:02:54,420
OK, so let's it and click on Go.

36
00:02:56,090 --> 00:03:00,030
OK, this time, if you click OK, you will see the reflection again.

37
00:03:00,530 --> 00:03:04,030
OK, so click on Prevent this page from creating additional dialogues.

38
00:03:04,670 --> 00:03:09,920
Right now, I hope you know how you can use excessive attacks on websites.

39
00:03:10,190 --> 00:03:17,150
And in the next video, I will show you a special website which definitely increase your level of using

40
00:03:17,150 --> 00:03:18,260
excessive Cybex.