Forum Discussion
shubham
Bronze I
2 years agoCross-Site Scripting: Ep.6 – Further Exploitation
I was stuck in one question looking for HINT. Extend the XSS vulnerability to view the contents of the /admin/token page with SSRF.
- 2 years ago
johndoe321I changed the script to a different port to the one being bombarded and did another NC listener on that different port. Roled right in.
NyePrior
Immerser
2 years agoIn both of your payloads, you're using 0.0.0.0 as the IP address. This would work if the Wildcard Cycles application was running locally on the Kali Desktop. However, as this is running on a different host, you'll need to specify the Kali IP address, not 0.0.0.0.