ðŸšĐ
THM Walkthroughs
  • THM Walkthroughs
    • 🧑‍ðŸŦTutorial
  • ðŸŸĶDifficulty: Info
    • 🔌What is Networking?
    • 🔌Intro to LAN
    • 🐧Linux Fundamentals
      • 🐧Linux Fundamentals Part 1
        • Task 2 - A Bit of Background on Linux
        • Task 4 - Running Your First few Commands
        • Task 5 - Interacting With the Filesystem!
        • Task 6 - Searching for Files
        • Task 7 - An Introduction to Shell Operators
      • 🐧Linux Fundamentals Part 2
        • Task 3 - Introduction to Flags and Switches
        • Task 4 - Filesystem Interaction Continued
        • Task 5 - Permissions 101
        • Task 6 - Common Directories
      • 🐧Linux Fundamentals Part 3
        • Task 3 - Terminal Text Editors
        • Task 4 - General/Useful Utilities
        • Task 5 - Processes 101
        • Task 6 - Maintaining Your System: Automation
        • Task 8 - Maintaining Your System: Logs
    • 🊟Windows Fundamentals
      • 🊟Windows Fundamentals 1
      • 🊟Windows Fundamentals 2
      • 🊟Windows Fundamentals 3
    • 🔓Principles of Security
    • 🐍Python Basics
    • 🔍History of Malware
    • ðŸĶđCommon Attacks
    • ðŸ–ĨïļSecurity Awareness
    • ⚔ïļIntro to Offensive Security
    • ðŸĶđPentesting Fundamentals
    • 🔓CVE Walkthroughs
      • ðŸ–ĨïļSudo Security Bypass: CVE-2019-14287
      • ðŸ–ĨïļSudo Buffer Overflow: CVE-2019-18634
      • ðŸ–ĨïļBaron Samedit: CVE-2021-3156
      • ðŸ–ĨïļOverlayFS: CVE-2021-3493
      • ðŸ–ĨïļPolkit: CVE-2021-3560
      • ðŸ–ĨïļPwnkit: CVE-2021-4034
      • ðŸŠķApache HTTP Server Path Traversal: CVE-2021-41773/42013
      • ðŸ§ŧDirty Pipe: CVE-2022-0847
      • ðŸŸĒSpring4Shell: CVE-2022-22965
    • 🟧Burp Suite
      • 🟧Burp Suite: The Basics
      • 🟧Burp Suite: Repeater
    • 🏁Challenges
      • âĪīïļBypass Disable Functions
    • 🎟ïļTHM PROMOs
      • 🎟ïļLearn and win prizes [PROMO ENDED]
      • 🎟ïļLearn and win prizes #2 [PROMO ENDED]
  • ðŸŸĐDifficulty: Easy
    • 🚀Learning Cyber Security
    • 🔁The Hacker Methodology
    • 🔍Google Dorking
      • Task 2 - Let's Learn About Crawlers
      • Task 4 - Beepboop - Robots.txt
      • Task 5 - Sitemaps
      • Task 6 - What is Google Dorking?
    • 🐝OWASP Top 10
      • Task 5 - Command Injection Practical
      • Task 7 - Broken Authentication Practical
      • Task 11 - Sensitive Data Exposure (Challenge)
      • Task 13 - XML External Entity - eXtensible Markup Language
      • Task 14 - XML External Entity - DTD
      • Task 16 - XML External Entity - Exploiting
      • Task 18 - Broken Access Control (IDOR Challenge)
      • Task 19 - Security Misconfiguration
      • Task 20 - Cross-site Scripting
      • Task 21 - Insecure Deserialization
      • Task 24 - Insecure Deserialization - Cookies
      • Task 25 - Insecure Deserialization - Cookies Practical
      • Task 30 - Insufficient Logging and Monitoring
    • ðŸ“ĄNmap
      • Task 2 - Introduction
      • Task 3 - Nmap Switches
      • Task 5 - TCP Connect Scans
      • Task 6 - Scan Types SYN Scans
      • Task 7 - UDP Scans
      • Task 8 - NULL, FIN and Xmas
      • Task 9 - ICMP Network Scanning
      • Task 10 - NSE Scripts Overview
      • Task 11 - Working with the NSE
      • Task 12 - Searching for Scripts
      • Task 13 - Firewall Evasion
      • Task 14 - Practical
    • ðŸ“ĄRustScan
      • Task 2 - Installing RustScan
      • Task 5 - Extensible
      • Task 7 - Scanning Time!
      • Task 8 - RustScan Quiz
    • 🐙Crack the hash
    • 🌍OhSINT
    • 🧑‍🚀Vulnversity
    • 🧊Ice
    • 🊟Blue
    • 🎄Advent of Cyber 4 (2022)
  • ðŸŸĻDifficulty: Medium
    • 🊟Attacktive Directory
      • Task 3 - Welcome to Attacktive Directory
      • Task 4 - Enumerating Users via Kerberos
      • Task 5 - Abusing Kerberos
      • Task 6 - Back to the Basics
      • Task 7 - Elevating Privileges within the Domain
      • Task 8 - Flag Submission Panel
    • 💀Mr Robot CTF
    • 🛗Linux PrivEsc
    • 🛗Linux PrivEsc Arena [WIP]
    • 🛗Windows PrivEsc Arena
  • 🟧Difficulty: Hard
    • 🐘Hacking Hadoop [WIP]
  • ðŸŸĨDifficulty: Insane
    • ⛹You're in a cave [WIP]
  • Blank Room (Duplicate Me)
Powered by GitBook
On this page
  • Task 20 [Severity 7] Cross-site Scripting
  • Deploy the VM
  • Navigate to http://MACHINE_IP/ in your browser and click on the "Reflected XSS" tab on the navbar; craft a reflected XSS payload that will cause a popup saying "Hello".
  • On the same reflective page, craft a reflected XSS payload that will cause a popup with your machines IP address.
  • Now navigate to http://MACHINE_IP/ in your browser and click on the "Stored XSS" tab on the navbar; make an account. Then add a comment and see if you can insert some of your own HTML.
  • On the same page, create an alert popup box appear on the page with your document cookies.
  • Change "XSS Playground" to "I am a hacker" by adding a comment and using Javascript.
  1. Difficulty: Easy
  2. OWASP Top 10

Task 20 - Cross-site Scripting

PreviousTask 19 - Security MisconfigurationNextTask 21 - Insecure Deserialization

Last updated 2 years ago

Task 20 [Severity 7] Cross-site Scripting

Deploy the VM

No answer needed

Navigate to http://MACHINE_IP/ in your browser and click on the "Reflected XSS" tab on the navbar; craft a reflected XSS payload that will cause a popup saying "Hello".

Reveal Flag

ThereIsMoreToXSSThanYouThink

On the same reflective page, craft a reflected XSS payload that will cause a popup with your machines IP address.

In Javascript window.location.hostname will show your hostname, in this case your deployed machine's hostname will be its IP.

Reveal Flag

ReflectiveXss4TheWin

Now navigate to http://MACHINE_IP/ in your browser and click on the "Stored XSS" tab on the navbar; make an account. Then add a comment and see if you can insert some of your own HTML.

On the same page, create an alert popup box appear on the page with your document cookies.

Change "XSS Playground" to "I am a hacker" by adding a comment and using Javascript.

HINT: <script>document.querySelector('#thm-title').textContent = 'I am a hacker'</script>

Reveal Flag
Reveal Flag
Reveal Flag

HTML_T4gs

W3LL_D0N3_LVL2

websites_can_be_easily_defaced_with_xss

ðŸŸĐ
🐝
ðŸšĐ
ðŸšĐ
ðŸšĐ
ðŸšĐ
ðŸšĐ
ðŸšĐ
ðŸšĐ
ðŸšĐ
ðŸšĐ
ðŸšĐ