SQL injection generally lets you obtain the password for the website's background (the admin back end).
However, in many cases the background has limited functionality and does not let you upload files, which means you cannot upload a shell.
But even without a shell, you can still hang black pages (defacement pages) and Trojans on the site.
In most cases, as long as you can create new articles, you can do this.
Step 1: discover vulnerabilities
Create a new article (or news item, etc.) and paste the following code:
<script>alert('xss');</script>
Go to the front end and view the article you created. A window that says "xss" should pop up.
Go back to the background and create another article (or news item, message, and so on).
This time, copy the above code into the title.
Go to the front end and check the website's home page. You should see a window that says "xss".
If you see both windows during this process, the website is open to XSS from the background, and you can continue with the black pages.
The code you need: <script>window.location = "(your black page address)";</script>
Create a new article. If you just want to hang a black page on the website, paste the above code into the article content.
If you want to black out the home page, copy it into the title.
4th floor
This method can also be used to steal cookies, redirect to other web pages, and so on.
Background XSS can do everything that XSS can do.
The main advantage of background XSS is its high success rate.
Currently, input in search boxes and comment boxes is usually filtered. So far, I have not seen any website that filters background content.
5th floor
Finally, you need to perform the background XSS
This is the method mentioned above. Hanging a black page in the background makes it difficult for the administrator to recover.
If you have background permissions, you can use XSS to view all the information you need.
From Baidu Post Bar
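The gap the thread relies on is that article titles and content entered in the background are written into front-end pages without output encoding. The following is an added example, not part of the original thread, with hypothetical function and field names: it encodes both fields on the article page and the home page, and adds an audit pass that flags stored articles containing active markup so an administrator can find and clean them.

```javascript
// Added example, not from the original thread. All names are hypothetical.
const HTML_ESCAPES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };

// Encode text for an HTML element body or a quoted attribute value.
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Article page: title and body are treated as plain text, whoever wrote them.
function renderArticle(article) {
  const paragraphs = String(article.body)
    .split(/\r?\n\s*\r?\n/) // blank line = paragraph break
    .map((p) => `<p>${escapeHtml(p.trim())}</p>`)
    .join('\n');
  return `<article>\n<h1>${escapeHtml(article.title)}</h1>\n${paragraphs}\n</article>`;
}

// Home page: every title is listed here, so one unencoded title affects all visitors.
function renderHomeList(articles) {
  const items = articles.map(
    (a) => `<li><a href="/article/${encodeURIComponent(a.id)}">${escapeHtml(a.title)}</a></li>`
  );
  return `<ul>\n${items.join('\n')}\n</ul>`;
}

// Audit pass: ids of stored articles whose title or body contains active markup.
// A hit is a prompt for manual review, not proof of compromise.
const ACTIVE_MARKUP =
  /<\s*(script|iframe|object|embed|svg|meta|base)\b|<[^>]*\bon\w+\s*=|javascript\s*:/i;
function auditArticles(articles) {
  return articles
    .filter((a) => ACTIVE_MARKUP.test(a.title) || ACTIVE_MARKUP.test(a.body))
    .map((a) => a.id);
}

// Constructed sample rows; ids 2 and 3 carry the test string quoted in the thread.
const SAMPLE_ARTICLES = [
  { id: 1, title: 'Site maintenance on Friday', body: 'Downtime 02:00-03:00.\n\nThanks.' },
  { id: 2, title: "<script>alert('xss');</script>", body: 'test' },
  { id: 3, title: 'News', body: "<Script> alert ('xss'); </script>" },
];

console.log(renderHomeList(SAMPLE_ARTICLES));
console.log(auditArticles(SAMPLE_ARTICLES));
```

If the article body must accept rich text, plain escaping is too strict; that case needs a maintained allowlist HTML sanitizer rather than a hand-written filter.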