You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
@@ -73,12 +73,28 @@ At this point, if you've never used Burp Suite before, just spend a minute click
10. Scroll down again to `Redirections`. Under "Follow redirections:", select `Always`.
11. At the top, click `Start Attack`. If you used `john.lst`, you should see pretty quickly that one of the passwords gave a result for "Welcome"... (hint: you already logged in with the admin password earlier...)
11. At the top, click `Start Attack`. If you used `john.lst`, you should see pretty quickly that one of the passwords gave a result that was flagged for the string "Welcome" (hint: you already logged in with the admin password earlier...)
## Exercise X: Reflected XSS
In Firefox, navigate to `http://metasploitable/dvwa`, and click on `XSS reflected` in the left panel. Exploit the text input using XSS.
{% capture text %}
<pre>
<script>alert("pwned!")</script>
</pre>
{% endcapture %}
{% include cheat.html text=text %}
Bonus question: you just XSS'd yourself, which isn't really that great. How could you XSS someone else with this exploit?
{% capture text %}
<p>
The XSS attack is embedded in the URL, so you could send someone a link with your XSS parameters pre-filled in. If they click it when they're logged in, the code will run on their machine.