search

Lab 3

hashtag
Objective: Get document.cookie

hashtag
Automatic method

In this lab, we are recommended to use DOM Invader as it saves us time and effort. First just use it like the same open the browser and the extension

And we get the alert here after exploiting the exploiting the gadget which is hitCallback

Here is the generated payload that calls an alert

Now, the objective is to steal the cookie, Portswigger already mad a server for which we can deliver the payload

We craft the exploit with <script> tags in the body with the location reference being our payload

But the payload is URL-encoded, we can check using Cyberchef

hashtag
Exploit

Only change the alert to a document.cookie and the exploit is set.

PreviousLab 2NextConstructor

Last updated