Forum Discussion

Bronze I

2 years ago

Solved

Cross-Site Scripting: Ep.6 – Further Exploitation

I was stuck in one question looking for HINT. Extend the XSS vulnerability to view the contents of the /admin/token page with SSRF.

help & support

CyberSharpe
2 years ago
johndoe321I changed the script to a different port to the one being bombarded and did another NC listener on that different port. Roled right in.

NyePrior

Immerser

2 years ago

Hi me5382 natelott 👋

In both of your payloads, you're using 0.0.0.0 as the IP address. This would work if the Wildcard Cycles application was running locally on the Kali Desktop. However, as this is running on a different host, you'll need to specify the Kali IP address, not 0.0.0.0.

Forum Discussion

Cross-Site Scripting: Ep.6 – Further Exploitation

Featured Places

Help & Support Forum

Related Content

Re: Cross-Site Scripting: Ep.6 – Further Exploitation

Ep 7 Post Exploitation With Metasploit

Pen Test CTFs: Jinja2 Exploitation

Zeek Ep 4 Scripting

Help with Introduction to Python Scripting: Ep.7 – Demonstrate Your Skills

Recent Discussions

Elastic Data Ingest: Ep.2 – Filebeat

Web server brute force authentication: Ep. 1 - Compromising an account

Privilege Escalation: Windows – Automated Enumeration

Google Cloud Basics: Ep.7 – Demonstrate Your Skills - Task 10

Credential Access: Using Hydra