TryHackMe: Cross-site Scripting Writeup

Apr 3, 2022

This room aims to teach how to detect and exploit XSS vulnerabilities, giving you control of other visitors’ browsers. This room can be accessed using this link:

Task 1: Room Brief

  1. What does XSS stand for? Answer: Cross-Site Scripting

Task 2: XSS Payloads

  1. Which document property could contain the user’s session token? Answer: document.cookie
  2. Which JavaScript method is often used as a Proof Of Concept? Answer: alert

Task 3: Reflected XSS

  1. Where in a URL is a good place to test for reflected XSS? Answer: parameters

Task 4: Stored XSS

  1. How are stored XSS payloads usually stored on a website? Answer: database

Task 5: DOM Based XSS

  1. What unsafe JavaScript method is good to look for in source code? Answer: eval()

Task 6: Blind XSS

  1. What tool can you use to test for Blind XSS? Answer: xsshunter
  2. What type of XSS is very similar to Blind XSS? Answer: Stored XSS

Task 7: Perfecting your payload

  1. What is the flag you received from level six? Answer: THM{XSS_MASTER}

Task 8: Practical Example (Blind XSS)

  1. What is the value of the staff-session cookie? Answer: 4AB305E55955197693F01D6F8FD2D321
