XSS recipe | Defend the Web

HAL [VileAnnie]
4 years ago

0

Hi guys, I read many threads about XSS, so I made a code recipe to get me nice cookies.
Thought I was on the good path but my code injections just disappeared from the SecureUs page…
I think I have to change my ingredients just to be a little bit more stealthy, am I right?

� Open the pod bay doors, HAL.
� I’m sorry, Dave. I’m afraid I can’t do that.

fred [feuerstein]
4 years ago

0

Good luck mate. Have you had a look on owasp?

HAL [VileAnnie]
4 years ago

0

Thanks @feuerstein owasp looks like some great resource. Now I am connecting the dots with the examples I found, in a more efficient way (I hope so)
I also see that unfortunately the SecureUs XSS vulnerability doesn’t work anymore! But I think I know why ;)

…To Be Continued

� Open the pod bay doors, HAL.
� I’m sorry, Dave. I’m afraid I can’t do that.

Ice Booda [0x1ceb00da]
4 years ago

0

Good luck on your efforts. It’s tricky but fun challenge

I break stuff….. a lot

HAL [VileAnnie]
4 years ago

0

Following @feuerstein ’s advice I thought I had something consistent with the solution but SecureUs didn’t take the hook…
After 4 hours waiting, I have to shut xampp down and find another way :|

� Open the pod bay doors, HAL.
� I’m sorry, Dave. I’m afraid I can’t do that.