Solution for PortSwigger Academy Lab: Reflected XSS in canonical link tag

The following is my documentation on PortSwigger’s Academy labs. End Goal: Perform an XSS attack on the target page that injects an attribute that calls the alert function. This lab requires us to exploit a vulnerable canonical link tag. If that sentence did not sound like Klingon to you, then qapla’! You probably don’t need […]

Solution for PortSwigger’s Lab: XSS with some SVG markup allowed

The following is my documentation on PortSwigger’s Academy labs. End Goal: Use an XSS attack to call an alert() function. Just like in our previous two labs, we will be using Burp Suite to automate our task of finding out which tags and events are allowed past our WAF (Web Application Firewall). For a detailed, […]

Solution for PortSwigger’s lab: Reflected XSS into HTML context with all tags blocked except custom ones

The following is my documentation on PortSwigger’s Academy labs. End Goal: Perform a cross-site scripting attack that injects a custom tag and automatically alerts document.cookie. This lab appears to assume that you have completed the previous lab. As such, many of the steps to get to our final payload are the same. Here is a […]

Solution for PortSwigger’s Academy: Reflected XSS into HTML context with most tags and attributes blocked

The following is my documentation on PortSwigger’s Academy labs. End Goal: Bypass the WAF and call the print() function. The last time we encountered a WAF (Web Application Firewall), our workaround was pretty simple. This time around we are going to have to do a lot of hunting and testing to see just how to […]

Solution for PortSwigger’s Academy: Stored DOM XSS

The following is my documentation on PortSwigger’s Academy labs. End Goal: Exploit a stored DOM vulnerability and call the alert() function in the comments. In this lab, we are asked to perform a stored XSS. This is something we have performed before, but this time our comments are being filtered, so we’ll have to go […]