Re: Cross-Site Scripting: Ep.6 β Further Exploitation
I'm also stuck and cannot get the script to display the admin/token page. I'm using the script from the XSS and SSRF section. From that script I changed
line 2 the I changed the open to use /admin/token
and on line 8 I changed the ip address to be the one given for the Kali Desktop and I'm using port 4848
In the wildcard-cycles.bitnet website on the Ask a Question page in the Message text box I'm using the script call from the Remote scripts section of the Briefing. I changed the ip address to be the Kali Desktop with port 4848.
I am using the python3 http.server call to listen. When I click the Post button I can see that the script has gotten called but no other information is being produced.
I'm not sure what I'm doing wrong. Any help would be greatly appreciated.