HTML Injections (HTMLi)

Web 2.0 introduced a new class of vulnerabilities to the World Wide Web. Called cross-site scripting (XSS), also known as HTML injection, these vulnerabilities allow attackers to inject their own code into the pages of web applications. In this lab, you will learn to exploit a vulnerable web application with an HTML injection attack.

Outcomes

In this lab, you will learn to:

  1. Test for an HTML injection vulnerability in your web application.
  2. Steal a site's form using an HTMLi.
  3. Perform a spear phishing attack using the HTMLi vulnerability.

Videos:

Before you start this lab, review these videos.

Adding Vulnerable Code

Exploit the Vulnerable Code Using HTMLi

Form Stealing

Setting up a Collection Server

Social Engineering

Falling Victim to a Spear Phishing Attack

Overview

HTMLi is the process of inserting unauthorized HTML elements into client-side files; the browser then renders them, altering the original webpage. In this lab we will add some vulnerable PHP code embedded in HTML to our custom homepage. Then, we will exploit the vulnerable code with an HTMLi attack using a method known as form stealing. Lastly, we will demonstrate how an HTML-injected webpage can be used during a spear phishing attack.
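One way to carry out the first lab outcome, testing a page for HTML injection, shown as an added example that is not part of the original lab: a Python check that submits a harmless marker element in each parameter and parses the response to see whether it came back as live markup. The two render functions are hypothetical stand-ins for the lab's PHP homepage, and the parameter names and marker id are constructed.

```python
from html import escape
from html.parser import HTMLParser

CANARY_ID = "htmli-canary-7f3a"            # constructed marker value
# Benign probe: tries to close a quoted attribute, then adds an inert <b>.
PROBE = f'"><b id="{CANARY_ID}">x</b>'


class CanaryFinder(HTMLParser):
    """Records whether the probe was parsed as a real element."""

    def __init__(self):
        super().__init__()
        self.injected = False

    def handle_starttag(self, tag, attrs):
        if tag == "b" and ("id", CANARY_ID) in attrs:
            self.injected = True


def injectable_params(render, params):
    """Probe each parameter in turn; return those reflected as live markup."""
    hits = []
    for target in params:
        query = {p: "test" for p in params}
        query[target] = PROBE
        finder = CanaryFinder()            # fresh parser state per probe
        finder.feed(render(query))
        finder.close()
        if finder.injected:
            hits.append(target)
    return hits


# Hypothetical page: "name" is echoed raw, "city" is escaped.
def render_vulnerable(query):
    name = query.get("name", "")
    city = escape(query.get("city", ""), quote=True)
    return f'<p>Hello {name} from {city}</p><input name="name" value="{name}">'


# Same page with every reflected value escaped for text and attribute use.
def render_hardened(query):
    name = escape(query.get("name", ""), quote=True)
    city = escape(query.get("city", ""), quote=True)
    return f'<p>Hello {name} from {city}</p><input name="name" value="{name}">'


if __name__ == "__main__":
    print("vulnerable page:", injectable_params(render_vulnerable, ["name", "city"]))
    print("hardened page:  ", injectable_params(render_hardened, ["name", "city"]))
```

Parsing the response, rather than searching it for the probe string, avoids a false positive when the probe comes back safely escaped inside an attribute value.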


HTML Injections

Key terms and descriptions

HTML injection
HTML injection (HTMLi) is a type of vulnerability that can be exploited to inject malicious scripts into otherwise benign and trusted websites.
Social engineering
Social engineering is a term used to describe the act of manipulating people into performing actions or divulging confidential information.
Phishing
Phishing is a form of social engineering that uses electronic communications to impersonate a trustworthy entity in an attempt to scam users.
Spear phishing
Spear phishing is the more targeted version of phishing, where the attacker sends emails or messages to specific individuals.
Whaling
Whaling or whaling attacks are more focused on executive team members, but the goal is the same: steal sensitive data for financial gain.