Web - Client
Web - Client - XXS Stored 1
greetings,
can someone tell me how often the admin will visit the site?, i got a payload wich works on my localhost test machine, and also on the challenge but it didn’t catch any coockies yet, so i wonder if I understand something wrong, the script isnt working or i just didnt waited long enough (waited around 15 minutes with some refreshes in between)
thanks in advance
Web - Client - XXS Stored 1
I missed the part where the site was telling me that the message was read... but there was no coockie send to my targeted website, if i try it with a coockie from another website (my localhost) it works so i miss something again, so if someone is so kind and would review my javascript that would be very usefull
thanks again
Web - Client - XXS Stored 1
Hi,
After a few days Iam a bit helpless with this challenge, my scripts does not fire if the admin visits the site or I search for the wrong things, and resets it. it sends following data:
A timestamp with
window.location
document.cookie
Every time the webpage is loaded, to my external web service wich will then safe it.
I do not see if the admin is on the page, doesn’t send anything.
I do not know for what I have to search other then a get parameter or a cookie, of someone would be so kind to give me a hint for other authentication methods, would be nice.
Thanks Syli