ST01: XSS Challenge (Solved)

Hack The Box Challenge
12

@1337

13

@Shouvo @santner In modern web browser it may not works… In windows 10 you can use Internet Explorer with disabling XSS filter. To Disable:

Follow these steps to disable XSS filter.

a. Open Internet Explorer and click on Tools .
b. Click on Internet Options and then select Security tab .
c. Click on Custom level .
d. Under Scripting select disable XSS filter and click Ok .
e. Close the window and restart Internet Explorer.

14

Then I am done :3 How can send the POC?

15

@santner Great.
Inbox me.

16

i think this challenge is vulnarable :stuck_out_tongue:
you must think about that …

17

Googling will help :wink:

18

@Shouvo Try a little bit… You can generate the popup. :+1:

19

only internet explorar or any browser show this ?

1 Like
20

I got the popup in Internet Explorer -7… :hugs:

1 Like
21

@Exploit-Baba Great job man… I have seen your POC. :+1:

1 Like
22

Uff :wink:

23

XSS is not a bug , it just popup :stuck_out_tongue: :smile:

24

:rofl::rofl::rofl::joy::joy::joy:

26

My POC for everyone…
Payload: <meta content='ThisIsAbout=EmulateIE7' http-equiv='x-ua-compatible' style='width:expression(alert(1))' >

5cb9e2e9e54831f7e03fd0d7150cef8001d8f4c9
5cb9e2e9e54831f7e03fd0d7150cef8001d8f4c9903×491 30.3 KB

3 Likes
27

Thanks man.

28

worst problem ever :confused:

1 Like
29

@Shouvo congratulations bro :hugs:

30

congratulations you toooooooooooo :heart_eyes:

31

Screenshot%20(4)
Screenshot%20(4)1366×768 71.6 KB

Whats Wrong With me

1 Like
32

The problem is solved :roll_eyes: