
First, Introduction to XSS Challenges

Practice range address: xss-quiz.int21h.jp/

Compared to other practice ranges, this is an XSS platform that simulates a real environment, and the page does not give any hints.

Each level is harder than the last, so you need to keep improving your XSS skills.

Second, Stage #1

The title

The answer

Type , click search and the XSS attack is successful.

Third, Stage #2

The title

Train of thought

Try typing , then look at the Hint: close the current tag and add script tag… .

Then right-click to view the page source. It shows that the input box's HTML tag can be closed: value="">.

The answer

Enter: “><“, click search, and the stage is passed.

Fourth, Stage #3

The title

Train of thought

I tried the injections from the first two levels and neither worked. The Hint says the search box input is properly escaped, and the page source confirms that it has indeed been escaped.

There is no way to inject through this input box. The page source shows that the form is submitted as a POST request, and that the "Choose a country" field follows the input box. If that field is not processed, it is the attack point. It cannot be changed on the page itself, so we need to use Burp Suite.

The answer

Modify the POST request to perform the XSS injection, and the answer appears.

Fifth, Stage #4

The title

Train of thought

Since this is a new level, the earlier injection points presumably no longer work, but I tried them anyway.

As expected, they did not work.

By now the pattern is clear: look at the source code!

There is a hidden field that may be an exploitable point, so bring in Burp Suite.

The answer

Use Burp Suite to change the hidden field in the POST request, setting its value to “><“. One more detail: the tag needs to be closed, as we have already seen.
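
Seen from the defender's side, Stages #3 and #4 share one flaw: the server escapes the visible text box but trusts a select value and a hidden field, both of which a proxy can rewrite. The following is an added example, not code from the original article or the challenge site; the field names, option list and request bodies are constructed assumptions. It puts that weak rendering beside a version that allowlists the fixed-choice field and escapes every reflected value.

```python
import html

# Hypothetical field names and option list; the page does not give the real ones.
ALLOWED_COUNTRIES = {"Japan", "Germany", "USA", "United Kingdom"}

def render_weak(form):
    """Stage #3/#4 pattern: only the visible text box is escaped."""
    return (
        f'<p>Search: {html.escape(form["query"])}</p>'
        f'<p>Country: {form["country"]}</p>'  # select value trusted as-is
        f'<input type="hidden" name="token" value="{form["token"]}">'  # hidden value trusted
    )

def render_hardened(form):
    """Validate fixed-choice fields server-side and escape every reflected value."""
    country = form.get("country", "")
    if country not in ALLOWED_COUNTRIES:
        raise ValueError("country is not one of the offered options")
    query = html.escape(form.get("query", ""), quote=True)
    token = html.escape(form.get("token", ""), quote=True)  # quote=True covers attribute context
    return (
        f'<p>Search: {query}</p>'
        f'<p>Country: {html.escape(country, quote=True)}</p>'
        f'<input type="hidden" name="token" value="{token}">'
    )

def breaks_out(rendered, marker="<i>"):
    """True when raw markup from the request survived into the page."""
    return marker in rendered

# Constructed request bodies, as they would arrive after being edited in a proxy.
TAMPERED_SELECT = {"query": "a", "country": "<i>tampered</i>", "token": "abc"}
TAMPERED_HIDDEN = {"query": "a", "country": "Japan", "token": '"><i>tampered</i>'}

if __name__ == "__main__":
    for body in (TAMPERED_SELECT, TAMPERED_HIDDEN):
        print("weak reflects markup:", breaks_out(render_weak(body)))
        try:
            print("hardened reflects markup:", breaks_out(render_hardened(body)))
        except ValueError as exc:
            print("hardened rejected request:", exc)
```

A select list or hidden input only constrains what the browser offers; the server has to re-check and encode the value it actually receives.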

The later stages will follow; that is all for today!


XSS Challenges Clearance: Stage #1

This article was first published on BigYoung