Web - Client

Thursday 24 January 2019, 15:26  #1
Web - Client | XSS Reflected
Christopher
Christopher
  • 1 posts

Hi

I found a way to communicate with the administrator and designed some payload using an event but I seem not to be able to make him interact with it. Are the events also supposed to be triggered when loaded ?

Friday 25 January 2019, 08:08  #2
Web - Client | XSS Reflected
Anonymous

I been trying to complete this challenge too, Im pretty much in the same situation u are in. Ive asked for help multiple times, but ppl rarely reply. Its frustrating. Im able to bypass filters on this one and "XSS - Stored - filter bypass " but I cant get the bot to interact with my payloads. I read somewhere that on the reflected xss the bot is casperjs. Ive looked into it but its confusing.

Friday 25 January 2019, 08:30  #3
Web - Client | XSS Reflected
Th1b4ud
Th1b4ud
  • 1636 posts

Send me your work by private message I will check it.

Friday 25 January 2019, 08:39  #4
Web - Client | XSS Reflected
Anonymous

i sent u mine, u never replied

Friday 25 January 2019, 09:01  #5
Web - Client | XSS Reflected
Th1b4ud
Th1b4ud
  • 1636 posts

Indeed haha ! I missed your message sorry  😊

Saturday 26 January 2019, 00:03  #6
Web - Client | XSS Reflected
Anonymous

I cant get the administrator to interact on both the reflected xss and filtered xss  😕  🙁  😡

Saturday 3 August 2019, 19:27  #7
Web - Client | XSS Reflected
ackbar03
ackbar03
  • 6 posts

Hi,

Does the casperjs bot use phantomjs or slimjs?

New reply New reply   New topic New topic