Username: 
Password: 
Restrict session to IP 
Vuln App #1
Questions  |  score: 0  |  5.00 5.00 5.00 |  Solved By 21 People  |  4970 views  |  since Jun 18, 2023 - 12:16:51

CGX#11: Cross Site Scripting (Training, CGX, Exploit)

CGX: SQL Injection
Hello future Hackers,

In this tutorial you will learn a tiny bit about XSS.
There is a little training challenge waiting for you, which we will dicuss in the video.

You can see the source of the vulnerable application under mask1.code

You can play with it a bit, like we did in the video, and the solution is the name of the php function that you can use to display userinput safely.

Greetings
- gizmore and x
Vuln App #1
Your solution for CGX#11: Cross Site Scripting
Answer
# CGX#11: Cross Site Scripting

This video introduces you to the concepts of
[Cross Site Scripting / XSS](https://owasp.org/www-community/attacks/xss/)

We will exploit a very simple XSS vuln single page application.

Please excuse us being clueless, cracking is an art ;)


ToC:

- What is XSS?
- Quotes again (hopefully)
- How to output user input?
- Charset awareness
- Other techniques (HTTP Header injection? URL injection?)
- Is Cross-Site-Scripting mostly Dead?
© 2023 and 2024 by gizmore and x