Web - Client
Javascript - Stored XSS 1
Javascript - Stored XSS 1
Please help me solve this challenge. I am new to XSS, on my research show that the message form is vurnerable to XSS. But i cant seem to find a way to have the document.cookie visible in an alert message pop up. Thanks in advance.
Aphro
Javascript - Stored XSS 1
aphro,
Let me try to be more precise. What you want is to get the admin’s cookie. You will not achieve this using just an alert box. That’s where XSS comes in. Concentrate on how to get the cookie, before trying to print it out. 😉
Furthermore, discussing with another user it comes out that the challenge does not respond to all the possible ways to achieve this. At least one "well known" way doesn’t work, but some others do work.
Hope that helps. :)
Javascript - Stored XSS 1
I’ve seen a way of doing this, but it involves php - is it strictly necessary to use php to solve this challenge? It seems like so because javascript is just client-side.
If this is the case, do I need to actually host one or can I do it in my local machine?
Thanks!
Javascript - Stored XSS 1
Hello, someone please help me. I try to decide this task for two days.
I have a web server with logs. And I write a js code to message field, it redirect throw the image admin cookie, but I don’t give its in my web site.
Uncommonly, after i post my message, i give the next message : "Vos messages ont bien été lus / Your messages have been read". How I can right get cookie.?Thanks.
Javascript - Stored XSS 1
For those who want to use any hosting provider to solve the challenge, please note that HTTPS requests will probably fail miserably although the same using an insecure HTTP connexion will work as a charm… I lost time because of that :/