Forum Discussion

Bronze I

11 months ago

Solved

Cross-Site Scripting: Ep.6 – Further Exploitation

I was stuck in one question looking for HINT. Extend the XSS vulnerability to view the contents of the /admin/token page with SSRF.

help & support

CyberSharpe
11 months ago
johndoe321I changed the script to a different port to the one being bombarded and did another NC listener on that different port. Roled right in.

natelott

Bronze I

11 months ago

They key is knowing that you have to use python to host the remote .js file in parallel with netcat to listen for the response of the XSS malicious scripts. Additionally, there are two steps to expose the data. One exposes the username and token cookie (question 1&2) in the query parameters. The other displays the token in the html body. The example code snippets work with VERY minor modifications. One thing I did based on feedback from a peer, was to wrap Netcat in a look to keep it active in terminal for subsequent requests.

Forum Discussion

Cross-Site Scripting: Ep.6 – Further Exploitation

Featured Places

Help & Support Forum

Related Content

Re: Cross-Site Scripting: Ep.6 – Further Exploitation

Pen Test CTFs: Jinja2 Exploitation

Zeek Ep 4 Scripting

Help with Introduction to Python Scripting: Ep.7 – Demonstrate Your Skills

Human Connection Challenge: Season 1 – Web Exploitation - XSS

Recent Discussions

Advanced CTF Challenge: Inner Maze

Advanced CTF Challenge: Hardened Maze

"You are not licensed to view this lab"

Serial Maze Support Group

Unable to access Developer tools in the lab