13.15 Lab: Reflected XSS into HTML context with all tags blocked except custom ones | 2024

8 months ago 54
BOOK THIS SPACE FOR AD
ARTICLE AD

This lab blocks all HTML tags except custom ones. To solve the lab, perform a cross-site scripting attack that injects a custom tag and automatically alerts document.cookie | Karthikeyan Nagaraj

Karthikeyan Nagaraj

This lab blocks all HTML tags except custom ones.

To solve the lab, perform a cross-site scripting attack that injects a custom tag and automatically alerts document.cookie.

Go to the exploit server and paste the following code, replacing YOUR-LAB-ID with your lab ID:
<script> location = 'https://YOUR-LAB-ID.web-security-academy.net/?search=%3Cxss+id%3Dx+onfocus%3Dalert%28document.cookie%29%20tabindex=1%3E#x'; </script>Click “Store” and “Deliver exploit to victim”.If that doesn’t work, click view exploit to make sure it works.Then deliver it again and again to solve the lab.

This injection creates a custom tag with the ID x, which contains an onfocus event handler that triggers the alert function. The hash at the end of the URL focuses on this element as soon as the page is loaded, causing the alert payload to be called.

Read Entire Article