Challenge-16 HTML Injection 1
This was a simple one just input "><h1>@exploitprotocol</h1><xss input=" in Email field.
Challenge-17-First i tried to insert "><h1>@exploitprotocol</h1><xss input=" in Email and password but it was stripping the value's so i thought to comment out remaining portion.
so i inserted Email- "><h1>Vunerable<!--
Password- -->to+HTMLi<!--
and it worked.
Challenge 18-In this the following webapp analysis binary file and show the result corresponding.so i downloaded the file from the url and using the hex editor i replaced "This program cannot be run in DOS mode." with "<H1>Vunerable to HTMLi</H1>" and uploaded the file on dropbox[https://dl.dropboxusercontent.com/s/h0wm9cgim85h4d2/update_2.exe?dl=1&token_hash=AAHpw2vISIXoJdTrSdHMeOt23X9TRKQMlVkqTxzOOZJIow]
Challenge-19-In this webapp it display's the metadata of the .jpg file.so i downloaded then changed the software field of the file using software PhotoME .then pasted the link and it worked.
Overall all the challenges were pretty easy and were having different concept behind each Injection.
This was a simple one just input "><h1>@exploitprotocol</h1><xss input=" in Email field.
Challenge-17-First i tried to insert "><h1>@exploitprotocol</h1><xss input=" in Email and password but it was stripping the value's so i thought to comment out remaining portion.
so i inserted Email- "><h1>Vunerable<!--
Password- -->to+HTMLi<!--
and it worked.
Challenge 18-In this the following webapp analysis binary file and show the result corresponding.so i downloaded the file from the url and using the hex editor i replaced "This program cannot be run in DOS mode." with "<H1>Vunerable to HTMLi</H1>" and uploaded the file on dropbox[https://dl.dropboxusercontent.com/s/h0wm9cgim85h4d2/update_2.exe?dl=1&token_hash=AAHpw2vISIXoJdTrSdHMeOt23X9TRKQMlVkqTxzOOZJIow]
Challenge-19-In this webapp it display's the metadata of the .jpg file.so i downloaded then changed the software field of the file using software PhotoME .then pasted the link and it worked.
Overall all the challenges were pretty easy and were having different concept behind each Injection.
No comments:
Post a Comment