Cross-site scripting (XSS) is an attack in which an attacker inserts a script into the target's browser in order to execute arbitrary commands on the client side or steal user information such as cookies or sessions. The problem arises because users trust certain web applications, so a script delivered through a trusted application runs with that trust.
Lab: Reflected XSS into HTML context with nothing encoded
[Information]
[Problem solving]
1. I found a search form in the lab.
I entered JavaScript code using the alert() function and searched.
The lab was resolved with a warning window reading "You've been hacked".
Using JavaScript's alert function, I wrote the following code.
<!DOCTYPE html>
<html>
<head>
<title>XSS</title>
</head>
<body background="C:/Users/image.jpg">
<script>alert("You've been hacked");</script> <!-- alert() runs first; the heading below renders after OK is clicked -->
<h1 style="color:black">shad0w</h1>
</body>
</html>
You can see the alert message.
And if you click the OK button, you'll see my nickname.
You can also use the alert() function script in the console window of the developer tool.
Lab: Stored XSS into HTML context with nothing encoded
[Information]
[Problem solving]
1. I checked that there was a section to write comments by accessing the lab and entering the post view. In the comments section I put the alert() script and uploaded it.
The lab was solved.
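Both labs are solved because the application copies user input into the HTML response with nothing encoded. The following added example (not the lab's source code and not part of the original write-up) shows that unencoded output beside the encoded form for the search and comment cases; the function names and the surrounding markup are assumptions made for illustration.

```javascript
// Added example: constructed handlers, not the lab's real source code.

// Characters that change meaning in an HTML text or attribute context.
const HTML_ESCAPES = {
  "&": "&amp;",
  "<": "&lt;",
  ">": "&gt;",
  '"': "&quot;",
  "'": "&#x27;",
};

function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Reflected case: the search term is copied into the response with nothing encoded.
function renderSearchUnsafe(term) {
  return `<h1>0 search results for '${term}'</h1>`;
}

// Same response with the term encoded for the HTML context.
function renderSearchSafe(term) {
  return `<h1>0 search results for '${escapeHtml(term)}'</h1>`;
}

// Stored case: comments are encoded every time they are rendered, so a
// script saved earlier is displayed as text to each later visitor.
function renderCommentsSafe(comments) {
  return comments
    .map((c) => `<p>${escapeHtml(c.author)}: ${escapeHtml(c.body)}</p>`)
    .join("\n");
}

// Simple regression check: does rendered output still contain a live script tag?
function containsScriptTag(html) {
  return /<script\b/i.test(html);
}

// Constructed sample input: the same alert() script shown on this page.
const payload = `<script>alert("You've been hacked");</script>`;

console.log(renderSearchUnsafe(payload));
console.log(renderSearchSafe(payload));
console.log(renderCommentsSafe([{ author: "shad0w", body: payload }]));
```

The encoding has to happen at output time for the HTML context, so the stored comment stays harmless even if it was saved before the fix.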