TryHackMe: Cross-site Scripting Writeup
Apr 3, 2022
This room aims to teach how to detect and exploit XSS vulnerabilities, giving you control of other visitors’ browsers. This room can be accessed using this link: https://tryhackme.com/room/xssgi
Task 1: Room Brief
- What does XSS stand for? Answer: Cross-Site Scripting
Task 2: XSS Payloads
- Which document property could contain the user’s session token? Answer: document.cookie
- Which JavaScript method is often used as a Proof Of Concept? Answer: alert
Task 3: Reflected XSS
- Where in a URL is a good place to test for reflected XSS? Answer: parameters
Task 4: Stored XSS
- How are stored XSS payloads usually stored on a website? Answer: database
Task 5: DOM Based XSS
- What unsafe JavaScript method is good to look for in source code? Answer: eval()
Task 6: Blind XSS
- What tool can you use to test for Blind XSS? Answer: xsshunter
- What type of XSS is very similar to Blind XSS? Answer: Stored XSS
Task 7: Perfecting your payload
- What is the flag you received from level six? Answer: THM{XSS_MASTER}
Task 8: Practical Example (Blind XSS)
- What is the value of the staff-session cookie? Answer: 4AB305E55955197693F01D6F8FD2D321
Follow me on LinkedIn: https://www.linkedin.com/in/-prashantkumar07/