Detecting XSS vulnerabilities
XSS vulnerabilities allow attackers to spoof content, steal user cookies, and even execute malicious code in the user's browser. Web penetration testers can use Nmap to discover these vulnerabilities in web servers in an automated manner. Although there is room for improvement in this module, it is a good start for XSS testing.
This recipe shows how to find XSS vulnerabilities in web applications with Nmap NSE.
How to do it...
To detect XSS vulnerabilities in web applications with Nmap, follow these steps:
- Open a terminal and use the following Nmap command:
$ nmap -sV --script http-unsafe-output-escaping <target>
- The potential XSS vulnerabilities will be listed in the results:
PORT   STATE SERVICE REASON
80/tcp open  http    syn-ack
| http-unsafe-output-escaping:
|_  Characters [> " '] reflected in parameter id at http://target/1.php?id=1
The script output will also...
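What a finding like the one above means on the server side, as an added example that is not part of the original recipe or of Nmap's code: a regression check that a developer can run against their own rendering functions to see which of the three characters come back unescaped. The three `render_*` pages, the function names and the random-marker technique are assumptions made for this illustration.

```python
import html
import secrets

# The three characters named in the recipe's sample output.
PROBE_CHARS = [">", '"', "'"]

def render_vulnerable(value):
    # Constructed stand-in for a page like 1.php that echoes "id" unescaped.
    return f'<p>Item <a title="{value}">details</a></p>'

def render_partial(value):
    # Encodes < > & only; quotes still break out of the attribute above.
    return f'<p>Item <a title="{html.escape(value, quote=False)}">details</a></p>'

def render_escaped(value):
    # quote=True also encodes " and ', covering attribute contexts.
    return f'<p>Item <a title="{html.escape(value, quote=True)}">details</a></p>'

def build_probe(chars=PROBE_CHARS):
    # Put a random marker on each side of every test character so a raw
    # reflection can be told apart from the same character elsewhere in the page.
    markers = [secrets.token_hex(4) for _ in range(len(chars) + 1)]
    value = markers[0] + "".join(c + m for c, m in zip(chars, markers[1:]))
    return value, markers

def reflected_unescaped(body, chars, markers):
    # A character counts as reflected only if it returns raw between its markers.
    return [c for c, left, right in zip(chars, markers, markers[1:])
            if left + c + right in body]

def audit(render, param="id"):
    value, markers = build_probe()
    found = reflected_unescaped(render(value), PROBE_CHARS, markers)
    if not found:
        return None
    return f"Characters [{' '.join(found)}] reflected in parameter {param}"

if __name__ == "__main__":
    for page in (render_vulnerable, render_partial, render_escaped):
        print(page.__name__, "->", audit(page) or "no unescaped reflection")
```

The `render_partial` case shows why a report that lists only the quote characters still matters: tag characters are encoded, yet the value sits inside an attribute where quotes end the attribute.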