Thursday 1 August 2019, 18:33 #2
XSS - Stored - filter bypas
I’m stuck too, I have a payload working but admin not triggering.
I saw this tip in an old post:
"Some XSS which works on your browser will not be execute by the bot. There is only one XSS available. The bot is CasperJS. You can install it to test your payload if you want."
But haven’t dug into it yet. Would love a hint too if anyone has some progress
Monday 13 April 2020, 06:04 #8
XSS - Stored - filter bypas
Anonymous
I tried all these and still it doesnt work
[Th1b4ud : spoil event]
Monday 13 April 2020, 19:41 #10
XSS - Stored - filter bypas
Anonymous
Lol this challenge is annoying, I cant figure it out.