TryHackMe: Cross-site Scripting Writeup

Cross-Site Scripting Logo from TryHackMe

This room aims to teach how to detect and exploit XSS vulnerabilities, giving you control of other visitors’ browsers. This room can be accessed using this link: https://tryhackme.com/room/xssgi

Task 1: Room Brief

  1. What does XSS stand for? Answer: Cross-Site Scripting

Task 2: XSS Payloads

  1. Which document property could contain the user’s session token? Answer: document.cookie
  2. Which JavaScript method is often used as a Proof Of Concept? Answer: alert

Task 3: Reflected XSS

  1. Where in an URL is a good place to test for reflected XSS? Answer: parameters

Task 4: Stored XSS

  1. How are stored XSS payloads usually stored on a website? Answer: database

Task 5: DOM Based XSS

  1. What unsafe JavaScript method is good to look for in source code? Answer: eval()

Task 6: Blind XSS

  1. What tool can you use to test for Blind XSS? Answer: xsshunter
  2. What type of XSS is very similar to Blind XSS? Answer: Stored XSS

Task 7: Perfecting your payload

  1. What is the flag you received from level six? Answer: THM{XSS_MASTER}

Task 8: Practical Example (Blind XSS)

  1. What is the value of the staff-session cookie? Answer: 4AB305E55955197693F01D6F8FD2D321

Follow me on LinkedIn: https://www.linkedin.com/in/-prashantkumar07/

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store