Python - CSS Injection (CSSI)
Running the app on Docker
Now that the app is running let's go hacking!
Reconnaissance
When we start the application we can see that there is a text box that allow you to write a color name.
![](https://skf.gitbook.io/~gitbook/image?url=https%3A%2F%2Fraw.githubusercontent.com%2Fblabla1337%2Fskf-labs%2Fmaster%2F.gitbook%2Fassets%2Fpython%2FCSSI%2F1.png&width=768&dpr=4&quality=100&sign=a26a28a1&sv=1)
We can write a color like:
And depending on the color that we chose, this will be the color in the text below:
![](https://skf.gitbook.io/~gitbook/image?url=https%3A%2F%2Fraw.githubusercontent.com%2Fblabla1337%2Fskf-labs%2Fmaster%2F.gitbook%2Fassets%2Fpython%2FCSSI%2F3.png&width=768&dpr=4&quality=100&sign=369c79bf&sv=1)
Exploitation
If we check how the text that we wrote in the text box is later put into the code we can see:
![](https://skf.gitbook.io/~gitbook/image?url=https%3A%2F%2Fraw.githubusercontent.com%2Fblabla1337%2Fskf-labs%2Fmaster%2F.gitbook%2Fassets%2Fpython%2FCSSI%2F4.png&width=768&dpr=4&quality=100&sign=a9e0b4ec&sv=1)
If we try to insert a malicious code that we know it will be inserted in the source code, we can try something like this:
This code should show an alert box or pop up alerting the text "CSSI - XSS". If we check the website after sending the malicious request:
And goal achieved!
Additional sources
https://www.owasp.org/index.php/Testing_for_CSS_Injection_(OTG-CLIENT-005)
Last updated