HTML Injection -Reflected (URL)

As you can see our current URL is http://192.168.140.138/bWAPP/htmli_current_url.php

12.1
Now capture the request in burp 13.1
In the host it’s showing the IP of the VM 14.1 15.1
(But using the HTML injection vulnerability we can change the URL which is specified in the web page and trick our victim.)

~ Hack the World and Stay Noob

Twitter / Hack The Box / CTF Team / Teck_N00bs Community Telegram

Comments

Related Posts

DIVA - Binary From Hell 😈 22 Aug 2020

DIVA - Environment setup 15 Aug 2020

DIVA - Insecure Logging 15 Aug 2020