Task 20 - Cross-site Scripting

Task 20 [Severity 7] Cross-site Scripting

Deploy the VM

Reveal Flag ๐Ÿšฉ

๐ŸšฉThereIsMoreToXSSThanYouThink

On the same reflective page, craft a reflected XSS payload that will cause a popup with your machines IP address.

Reveal Flag ๐Ÿšฉ

๐ŸšฉReflectiveXss4TheWin

Now navigate to http://MACHINE_IP/ in your browser and click on the "Stored XSS" tab on the navbar; make an account. Then add a comment and see if you can insert some of your own HTML.

Reveal Flag ๐Ÿšฉ

๐ŸšฉHTML_T4gs

On the same page, create an alert popup box appear on the page with your document cookies.

Reveal Flag ๐Ÿšฉ

๐ŸšฉW3LL_D0N3_LVL2

Change "XSS Playground" to "I am a hacker" by adding a comment and using Javascript.

Reveal Flag ๐Ÿšฉ

๐Ÿšฉwebsites_can_be_easily_defaced_with_xss

Last updated