Forum Discussion

Bronze I

3 months ago

Cross-Site Scripting: Ep.6 – Further Exploitation

I was stuck in one question looking for HINT. Extend the XSS vulnerability to view the contents of the /admin/token page with SSRF.

help & support

NyePrior

Immerser

2 months ago

Hi me5382 natelott 👋

In both of your payloads, you're using 0.0.0.0 as the IP address. This would work if the Wildcard Cycles application was running locally on the Kali Desktop. However, as this is running on a different host, you'll need to specify the Kali IP address, not 0.0.0.0.

natelott
Bronze I
2 months ago
NyePriorThanks for the reply. I also tried this method. I used ip address from ifconfig, local host (127.0.0.1), and 0.0.0.0 got the same result. If that were the case, how am I able to open the js file in the browser using http://0.0.0.0:8080/script.js url? The JS is executing when I expose the vulnerability and I can see the request happen in netcat... Therefore I feel confident that the issue is inside the js file or with the /admin/token itself. I have tried the python method and the netcat method. The /admin/token endpoint gets me a 302 permanent redirect. As a python full stack developer w/ a good understanding of accessing local host as a local web server... I think I'm missing something else or not understanding the flow completely.

Forum Discussion

Cross-Site Scripting: Ep.6 – Further Exploitation

Related Content

Re: Cross-Site Scripting: Ep.6 – Further Exploitation

New Cyber Threat Intelligence Lab release!

Re: What are some good labs for learning the basics of malware analysis?

This Week in The Human Connection

New CTI Labs: Palo Alto Expedition Critical Vulnerabilities

Recent Discussions

Open Source Intelligence (OSINT): Boarding Pass

SuperSonic: Ep.6 – TEMPLE

Events & Breaches: Magecart Skimmer

CVE-2022-29799/CVE-2022-29800 (Nimbuspwn) – Defensive

Zeek - Demonstrate Your Skills