Inject using Javascript

Author: kostis90gr
// Translation: Ghost [S.S. T]
// This article was published in the June issue of "Black Line of Defense". The copyright belongs to ghost soul and the magazine "Black Line of Defense". Please ensure the integrity of the article when reprinting. Thank you :)

This guide is only for report purposes. I am not responsible for anyone who uses it for illegal purposes.

By using javascript injection, you can change the content of a website without closing the website or saving the page on your PC. This is done from the address bar of your browser.
The command syntax looks like this: javascript:alert(#command#)
For example, if you want to see an alert box on the website http://www.example.com, first enter the URL (www.example.com) in the address bar. After the page has loaded, clear the URL and enter javascript:alert("Hello World") as the new URL. An alert box is then displayed, showing Hello World. However, some people use this technique to change almost any content on the page, for example an image. Let's take a website's logo image. By viewing the page source code (you can use "view source code" in the browser), we find this HTML code:

What we learn from it: there is an image named hi, and its source file is hello.gif. We want to change it to bye.jpeg, which is stored on our site http://www.mysite.com. So the complete URL of our image is http://www.mysite.com/bye.jpeg. To use javascript injection, we need to enter in the address bar:
javascript:alert(document.hi.src="http://www.mysite.com/bye.jpeg")

You will see an alert box, and after that the image will be changed. Note that the change is only temporary! If you refresh the page or open it again, your change is lost, because you are not changing the site on the server, only the copy on your PC.
Using the same method, we can view or change the value of a variable. For example, we find this source code on the website:
<script language="JavaScript">
var a = "test"
</script>

This assigns test to the variable a. To view the value of the variable, we enter:
javascript:alert(a)
Then, to change it from test to hello, we enter:
javascript:alert(a="hello")
However, javascript injection is mainly used to change the attributes of a form. Here is some sample code:
<form name="format" action="send.php" method="post">
<input type="hidden" name="mail" value="someone@somewhere.com">
<input type="text" name="name">
<input type="submit" value="submit"></form>

We want the form to be sent to our mailbox instead of the mailbox someone@somewhere.com in the code. This can be done with this command:
javascript:alert(document.format.mail.value="me@hacker.com")

As you have seen, I always write these commands in layers. Let's go from big to small:
1) Start from document.
2) Enter the name of the object we want to change (such as document.hi.src) or the object it belongs to, and assign the value again (such as document.format.mail.value).
3) End with the property we want to change (such as the source path: document.hi.src, or the value: document.format.mail.value).
4) Use "." to separate the words.
5) When we want to change the property value, use "=" followed by the new value.
* Note: double quotation marks are required when the new value is a string (for example, document.format.mail.value="me@hacker.com").
If we want to set it to the value of a variable, we do not need the double quotation marks "". For example, if we want to change the value of variable a so that it equals the value of variable b, we enter javascript:alert(a=b).
However, most elements on a page do not have names, for example:
<form action="send.php" method="post">
<input type="hidden" name="mail" value="someone@somewhere.com">
<input type="text" name="name">
<input type="submit" value="submit"></form>

In this code, the form has no name. Going by everything above, the command would look like this, with nothing to put where the form name belongs:
javascript:alert(document. .mail.value="me@hacker.com")

In this case, we have to count all the forms on the page to find the sequence number of the form we want. I will use an example to explain:
<form action="send.php" method="post">
<input type="text" name="name">
<input type="submit" value="submit"></form>
<form action="send.php" method="post">
<input type="hidden" name="mail" value="someone@somewhere.com">
<input type="text" name="name">
<input type="submit" value="submit"></form>
<form action="send.php" method="post">
<input type="text" name="name">
<input type="submit" value="submit"></form>

In the code above we see three forms, but we are only interested in the second one, so the form number we want is 2. Do not forget that we counted from 1: 1, 2, 3, 4... JavaScript, however, counts from 0: 0, 1, 2, 3... So the real form number is 1, not 2. In general, we first find the form's sequence number and then subtract one.
We use this number to complete our command:
javascript:alert(document.forms[1].mail.value="me@hacker.com")

In the same way, you can change images or links that have no name.
For images: javascript:alert(document.images[3].src="# the URL of the target image you want to change #")
For links: javascript:alert(document.links[0].href="http://www.undug.net/?you want to change the target link #")
Finally, we can use this technique to edit cookies.
The following command was written by Dr_aMado of triviasecurity.net, but I modified it a little so that the cookie is displayed before the user edits it. You only need to copy it to the address bar:
javascript:alert(window.c=function a(n,v,nv){c=document.cookie;c=c.substring(c.indexOf(n)+n.length,c.length);c=c.substring(1,(c.indexOf(";")>-1)?c.indexOf(";"):c.length);nc=unescape(c).replace(v,nv);document.cookie=n+"="+escape(nc);return unescape(document.cookie);});alert('The cookie is: "'+document.cookie+'"');alert(c(prompt("The name of the cookie:",""),prompt("Change this value:",""),prompt("with this:","")));
To end, I must emphasize that everything we have done happens on the user's side! It is like saving the website on your PC and modifying it. Even so, you can still cheat a page (for example through cookies) or pass a security check on a page. For example, some pages check where the user's data was sent from: if the data is sent from http://www.test.com/form.php to http://www.test.com/check.php, check.php can detect where the data came from. However, that requires deeper knowledge than what is covered here.
If you have any questions or suggestions, please email me: kostis90gr@gmail.com
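
The server-side counterpart to the hidden mail field and the cookie edit described above, as an added example that is not part of the original article: because both values can be rewritten in the browser, the server attaches an HMAC tag when it issues them and rejects anything that comes back altered. It is written for Node.js; SECRET, the _tag field suffix, the "value.tag" cookie layout and all helper names are assumptions.

```javascript
// Added example (not from the article); SECRET and helper names are assumptions.
const crypto = require('crypto');

const SECRET = crypto.randomBytes(32); // server-only key, never sent to the browser

// The tag covers the name as well, so a tag cannot be reused for another field.
function sign(name, value) {
  return crypto.createHmac('sha256', SECRET)
    .update(name + '\0' + value).digest('hex');
}

function verify(name, value, tag) {
  const expected = Buffer.from(sign(name, String(value)), 'hex');
  const given = Buffer.from(String(tag), 'hex'); // bad or missing tag -> wrong length
  return given.length === expected.length &&
    crypto.timingSafeEqual(given, expected);
}

const esc = (s) => String(s).replace(/[&<>"]/g,
  (ch) => ({ '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;' }[ch]));

// Emit the hidden field plus a companion field carrying its tag.
function renderHidden(name, value) {
  return `<input type="hidden" name="${esc(name)}" value="${esc(value)}">` +
    `<input type="hidden" name="${esc(name)}_tag" value="${sign(name, value)}">`;
}

// Cookie value is stored as "<value>.<tag>".
function makeCookie(name, value) {
  return `${name}=${encodeURIComponent(value)}.${sign(name, value)}`;
}

// Returns the cookie value, or null if it was edited or is malformed.
function readCookie(name, raw) {
  const dot = raw.lastIndexOf('.');
  if (dot < 0) return null;
  try {
    const value = decodeURIComponent(raw.slice(0, dot));
    return verify(name, value, raw.slice(dot + 1)) ? value : null;
  } catch (e) { return null; }
}

// Server side of the form post: reject a body whose mail field was edited.
function handleSubmit(body) {
  if (!verify('mail', body.mail, body.mail_tag))
    return { ok: false, reason: 'mail field was modified on the client' };
  return { ok: true, recipient: body.mail };
}
```

Where the recipient never needs to travel through the browser at all, keeping it in server-side configuration is simpler than signing it.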
