Cross site scripting (XSS) is an attack vector that targets vulnerable web applications hosted on web sites. The attack involves injecting malicious scripts into a web page through the vulnerable web application like a comment system, blog, guestbook or login form. Once the malicious script is embedded into the web page it will execute when visitors visit the infected web page.
Week 5 Assignment
For this lab, you will need to set up an environment to practice simple XSS attacks. This will involve installing a webserver, a database server, and a vulnerable web application and web pages. Once the server environment is set up on your lab XP client you will practice the attacks using your BackTrack distro.
Click here for detailed instructions and some video tutorials: XSS with a Vulnerable WebApp