How I Hacked 40 Websites in 7 minutes
<p>Last summer I started learning about information security and hacking. Over the last year I’ve played in various wargames, capture the flag and penetration testing simulations, continuously improving my hacking skills and learning new things about ‘how to make computers deviate from their expected behavior’.</p>
<p>Long story short, my experience was always limited to simulated environments, and since I consider myself a white-hat hacker (aka one of the good guys) I never stuck my nose into other peoples’ businesses — quite literally.</p>
<p>Until now. This will be a detailed story about how I hacked into a server which hosted 40 (this is an exact number) websites and my findings.</p>
<blockquote>
<p><strong>Note:</strong> Some prerequisite CS knowledge is needed to follow through the technical parts of the article.</p>
</blockquote>
<p>A friend messaged me that an <a href="https://www.owasp.org/index.php/Cross-site_Scripting_(XSS)" rel="noopener ugc nofollow" target="_blank">XSS vulnerability</a> was found in his website and that he wants me to take a further look. This is an important stage, as I am inclined to ask for him to formally express that I have his permission to perform a full test on his web application and on the server hosting it. The answer was <strong>positive.</strong></p>
<p><a href="https://medium.com/hackernoon/how-i-hacked-40-websites-in-7-minutes-5b4c28bc8824"><strong>Website</strong></a></p>