Share
## https://sploitus.com/exploit?id=4B2C0596-6628-5476-9821-A8DF2B1FD4A2
# DVWA XSS Lab

## Project Introduction

This project creates a web security testing environment based on DVWA (Damn Vulnerable Web Application). It uses Burp Suite to manually test and reproduce XSS (Cross-Site Scripting) vulnerabilities. The main tasks of this project include:

- Reflected XSS
- Stored XSS
- XSS Filter Bypass
- DOM XSS
- Burp Suite packet capture analysis
- Repeater for manually modifying payloads
- Construction and verification of XSS payloads

---

## Technology Stack

- Docker
- DVWA
- Burp Suite
- JavaScript
- HTML
- HTTP
- XSS

---

## Project Environment

- Windows 10
- Docker Desktop
- DVWA
- Burp Suite Community Edition
- Google Chrome

---

## Project Structure

```text
dvwa_xss_lab/
โ”‚
โ”œโ”€โ”€ README.md
โ”‚
โ”œโ”€โ”€ payloads/
โ”‚   โ””โ”€โ”€ xss_payloads.txt
โ”‚
โ”œโ”€โ”€ reports/
โ”‚   โ””โ”€โ”€ xss_report.md
โ”‚
โ””โ”€โ”€ screenshots/
    โ”œโ”€โ”€ xss_reflected_page.png
    โ”œโ”€โ”€ xss_reflected_alert.png
    โ”œโ”€โ”€ burp_xss_request.png
    โ”œโ”€โ”€ burp_xss_repeater_response.png
    โ”œโ”€โ”€ stored_xss_page.png
    โ”œโ”€โ”€ stored_xss_alert.png
    โ”œโ”€โ”€ stored_xss_persistent.png
    โ”œโ”€โ”€ burp_stored_xss_request.png
    โ”œโ”€โ”€ burp_stored_xss_response.png
    โ”œโ”€โ”€ xss_filter_block.png
    โ”œโ”€โ”€ xss_bypass_success.png
    โ”œโ”€โ”€ burp_filter_response.png
    โ”œโ”€โ”€ dom_xss_page.png
    โ”œโ”€โ”€ dom_xss_alert.png
    โ””โ”€โ”€ burp_dom_xss_request.png
```

---

## Starting the DVWA Environment

Enter the DVWA project directory, then start Docker:

```bash
docker compose up -d
```

Access from a browser:

```text
http://localhost:4280
```

Log in with the username:

```text
admin
```

Password:

```text
password
```

---

## Experiment Content

### 1. Reflected XSS

Go to:

```text
XSS (Reflected)
```

Test the payload:

```html
alert(1)
```

If the page displays `1`, it means that reflected XSS was successfully executed.

### 2. Stored XSS

Go to:

```text
XSS (Stored)
```

Enter in the comment box:

```html
alert(1)
```

Refresh the page after submitting the comment. If a pop-up still appears, it means that the payload has been stored in the database.

### 3. XSS Filter Bypass

Set DVWA Security to Medium to test whether basic payloads are filtered. Test bypass payloads like:

```html
[Payload]
```

And:

```html
[Another Payload]
```

This demonstrates that even when the website only filters certain types of attacks, other HTML events may still bypass the filter.

### 4. DOM XSS

Go to:

```text
XSS (DOM)
```

Test URL parameters:

```text
default=alert(1)
```

The encoded form of this payload:

%3Cscript%3Ealert%281%29%3C%2Fscript%3E

The core of DOM XSS is that front-end JavaScript reads URL parameters and injects them into the page, causing the browser to execute malicious scripts. ---

## Screenshot of Experiments

### Reflected XSS Page

![Reflected XSS Page](screenshots/xss_reflected_page.png)

---

### Successful Reflected XSS Popup

![Reflected XSS Alert](screenshots/xss_reflected_alert.png)

---

### Burp Capturing Reflected XSS Requests

![Burp XSS Request](screenshots/burp_xss_request.png)

---

### Burp Repeater Returning Results

![Burp XSS Repeater Response](screenshots/burp_xss_repeater_response.png)

---

### Stored XSS Page

![Stored XSS Page](screenshots/stored_xss_page.png)

---

### Successful Stored XSS Popup

![Stored XSS Alert](screenshots/stored_xss_alert.png)

---

### Persistence of Stored XSS

![Stored XSS Persistently](screenshots/stored_xss_persistent.png)

---

### Burp Capturing Stored XSS Requests

![Burp Stored XSS Request](screenshots/burp_stored_xss_request.png)

---

### Burp Stored XSS Response

![Burp Stored XSS Response](screenshots/burp_stored_xss_response.png)

---

### XSS Filter Blockage

![XSS Filter Block](screenshots/xss_filter_block.png)

---

### Successful XSS Bypass

![XSS Bypass Success](screenshots/xss_bypass_success.png)

---

### Analysis of Burp Filter Responses

![Burp Filter Response](screenshots/burp_filter_response.png)

---

### DOM XSS Page

![DOM XSS Page](screenshots/dom_xss_page.png)

---

### Successful DOM XSS Popup

![DOM XSS Alert](screenshots/dom_xss_alert.png)

---

### Burp Capturing DOM XSS Requests

![Burp DOM XSS Request](screenshots/burp_dom_xss_request.png)

---

## Vulnerability Report

Detailed experiment procedures and vulnerability analysis:

[reports/xss_report.md](https://reports.xmh.io/report/xss_report.md)

---

## Payload Files

XSS Payloads:

[payloads/xss_payloads.txt](https://reports.xmh.io/reports/xss_report.md#payloads)

---

## Project Summary

This project demonstrated the reproduction and analysis of XSS vulnerabilities in DVWA, including reflected XSS, stored XSS, filter bypass, and DOM XSS. Through this project, we learned:

- The basic principles of XSS vulnerabilities
- How to construct JavaScript payloads
- How to trigger HTML events
- How to analyze Burp Suite packet capture
- How to manually test Repeater devices
- How to analyze URL encoding
- The basic principles of DOM XSS

---

## Disclaimer

This project is solely for web security learning, vulnerability reproduction, and research purposes. It is prohibited from being used for any illegal purposes.