Forum Discussion
Hack Your First Web App: Ep.4 Missing Cookie
I'm stuck on the last question of Hack Your First Web App: Ep.4.
I have repeated the XSS over and over again successfully, but it does not give me a cookie called "xss-token". It gives me a cookie with some letters and numbers, and those aren't the answer to the question. What can I do from here?
It wasn't giving me the xss-token, but after restarting the lab more times it eventually did. I guess it's fixed now.
3 Replies
- netcat
Silver III
😝
If you triggered the XSS just read what is displayed on the screen: whatever,XSS-TOKEN=value.
Enter the value and you're good to go.
- jodell
Bronze I
It wasn't giving me the xss-token, but after restarting the lab more times it eventually did. I guess it's fixed now.
- albertogr
Bronze I
I'm having the same issue. This is what I get:
The code I used was onclick="alert(document.cookie)"