Web - Client
XSS - Stored 1
Hi There,
I have attempted to steal the cookie but I have failed, whether or not I failed because of my logic is what I want to clear up.
I attempted to inject a script that redirected to a domain with the cookie in the url, upon reading the payload the cookie was not found.
Both as part of the URL (?cookie=) or the header payload.
Does have to do with HttpOnly cookies (thus the challenge is broken) or am I just stupid.
Thanks
XSS - Stored 1
Hi all,
After injecting js - crypted payload i got user-session cookie. I suppose this cookie is mine. This one was not enough to validate the challenge. The administrator session cookie is still not to get so far. There is written, he or she should have read the message but where is the cookie, then ? Hmmm.. I redirected the session in stealth to my web - server where the cookies should have been saved..
XSS - Stored 1
spoil is returning me blank string. Help