TryHackMe: Cross-site Scripting Writeup
This room aims to teach how to detect and exploit XSS vulnerabilities, giving you control of other visitors’ browsers. This room can be accessed using this link: https://tryhackme.com/room/xssgi
Task 1: Room Brief
- What does XSS stand for? Answer: Cross-Site Scripting
Task 2: XSS Payloads
- Which document property could contain the user’s session token? Answer: document.cookie
- Which JavaScript method is often used as a Proof Of Concept? Answer: alert
Task 3: Reflected XSS
- Where in a URL is a good place to test for reflected XSS? Answer: parameters
Task 4: Stored XSS
- How are stored XSS payloads usually stored on a website? Answer: database
Task 5: DOM Based XSS
- What unsafe JavaScript method is good to look for in source code? Answer: eval()
Task 6: Blind XSS
- What tool can you use to test for Blind XSS? Answer: xsshunter
- What type of XSS is very similar to Blind XSS? Answer: Stored XSS
Task 7: Perfecting your payload
- What is the flag you received from level six? Answer: THM{XSS_MASTER}
Task 8: Practical Example (Blind XSS)
- What is the value of the staff-session cookie? Answer: 4AB305E55955197693F01D6F8FD2D321
Follow me on LinkedIn: https://www.linkedin.com/in/-prashantkumar07/