Home page logo
/

basics logo Security Basics mailing list archives

Re: Help with http://xss-quiz.int21h.jp
From: Vinox <vinoxious () gmail com>
Date: Wed, 26 Nov 2008 00:15:43 -0800 (PST)


Hello Yawnmoth,

                         yes you are quite right .. because everything is
being done in the response of the server.. so I cannot even figure looking
at the source code.... Ofcourse I will need to understand Javascript fully
.. what do you think about it ??

thanks andr regard,
Vinox



yawnmoth wrote:

javascript:alert(document.domain);

I am curious, incidentally, as to what kind of XSS that would qualify
as.  It's kinda reflected in that the GET or POST request must contain
the payload, but it also requires user intervention.  Also, given the
nature of this XSS, I don't think you can even do clickjacking with
it.

On Tue, Nov 25, 2008 at 1:28 AM, Vin Oxious <vinoxious () gmail com> wrote:
Hello Friends,

                     I need help with the site :
http://xss-quiz.int21h.jp based on XSS Challenge.. I am not able to
figure out how to proceed any further at the stage :

http://xss-quiz.int21h.jp/stage008.php?sid=c7bd38c2914d016b2be6c9adb9ef64b671d57e75

If help would be appreciated

thanks and regards
Vinox




-- 
View this message in context: http://www.nabble.com/Help-with-http%3A--xss-quiz.int21h.jp-tp20683507p20696500.html
Sent from the Security Basics mailing list archive at Nabble.com.


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]