HTML Injection-Reflected (POST)


In this also we can use the same techniques as we used in Reflected (Get) HTML injection

6.2 7.1
Or we can do it like this also by capturing the request and inject the html <h1> tag and in the response it will show us the edited content. 8.1
Put some random name or word in the name field and capture the post request in burp. 9.1
Now inject the html tag in name fields and forward the request. 10.1 11.1
We have successfully change the first name in the post request and also injected a redirect link, using this we can trick any user to click on that link and they will be redirect to that specific page of our choice.

~ Hack the World and Stay Noob

Twitter / Hack The Box / CTF Team / Teck_N00bs Community Telegram

Comments