This is a short tutorial for finding stored XSS and HTML injection easily. HTML injection occurs when user input is not sanitized (checked for, or stripped of, markup) before it is rendered, so potentially malicious code ends up executing on a web page.
1. On a search engine such as Google, search: site:target.com inurl:"contact" | inurl:"contact-us" | inurl:"contactus" | inurl:"contcat_us" | inurl:"contact_form" | inurl:"contact-form" | inurl:"newsletter_signup" | inurl:"newsletter"
With these operators Google displays indexed results from the target domain whose URL contains any of the contact-us or newsletter variations listed above. For a broader search, remove the site operator and target URL and enter a keyword instead.
2. Once you have found the page, it is time to test payloads. Fill in the first-name and last-name form inputs with an HTML payload such as Name<a href="HTTP://testing.com">Test</a>.
3. After submitting the contact form or joining the website's newsletter, wait for the confirmation message in your mailbox. If the payload was rendered, you will see the HTML changes in the email in place of your name. Based on the example in step two, successful execution is indicated by a clickable "Test" link in the name portion of the email.
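The bug these steps probe is a confirmation email that interpolates the submitted name into HTML without escaping it. The following is an added example, not code from the tutorial: a hypothetical vulnerable template renderer, its hardened form, and a parser-based check that counts anchor tags in the rendered email (the template text and function names are assumptions).

```python
"""Added example: unescaped vs. escaped name interpolation in an HTML email."""
import html
from html.parser import HTMLParser

# Constructed sample input: the payload the tutorial submits in the name field.
SAMPLE_NAME = 'Name<a href="HTTP://testing.com">Test</a>'

# Hypothetical confirmation-email template; it contains no links of its own.
TEMPLATE = "<p>Hello {name}, thanks for contacting us.</p>"


def render_vulnerable(name: str) -> str:
    """Interpolates the submitted name into the HTML email without escaping."""
    return TEMPLATE.format(name=name)


def render_safe(name: str) -> str:
    """Same template, but the name is HTML-escaped so markup is shown as text."""
    return TEMPLATE.format(name=html.escape(name, quote=True))


class _AnchorCounter(HTMLParser):
    """Counts <a> start tags; user data should never contribute any."""

    def __init__(self) -> None:
        super().__init__()
        self.anchors = 0

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.anchors += 1


def injected_anchor_count(rendered: str) -> int:
    """Returns how many <a> tags the rendered email actually contains."""
    parser = _AnchorCounter()
    parser.feed(rendered)
    parser.close()
    return parser.anchors


if __name__ == "__main__":
    for label, render in (("vulnerable", render_vulnerable), ("hardened", render_safe)):
        out = render(SAMPLE_NAME)
        print(f"{label}: {injected_anchor_count(out)} anchor tag(s): {out}")
```

The vulnerable renderer yields one live anchor (the clickable "Test" link the tutorial looks for); the hardened one yields zero because the angle brackets and quotes arrive in the mailbox as entities.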