To solve the lab, perform a cross-site scripting attack that calls the alert function with the string 1337 contained somewhere in the
Stepwise solution of the lab:
After accessing the lab, you can see there are lots of posts. (Scroll down a little bit.)
But we have nothing to do with those here. We will go directly to the URL and inject the payload below.
After putting a “/”, I simply wrote the payload. Now press Enter and let’s see what happens.
Well! We’ve successfully solved this lab.
Scroll down to the end. Here we find a button called Back to Blog. Click on it.
Well, we got a prompt, or you could say reflected XSS (cross-site scripting).
Be ready for its other parts 🙂
I hope you enjoyed reading this article. Now that you have completed it, we highly recommend that you study the next article: Reflected XSS with AngularJS sandbox escape without strings. Please don’t forget to leave a comment here and share it with your friends as well. Good luck!
Thank you for reading. If this article really helped you, then do share it with your mates.
And follow @masaudsec on Twitter.