XSS and MySQL FILE


This exercise explains how you can use a Cross-Site Scripting vulnerability to get access to an administrator's cookies. Then how you can use his/her session to gain access to the administration to find a SQL injection and gain code execution using it.

ISO

The ISO for this exercise can be downloaded by clicking here (178MB).


Course

You can access the course for this exercise by clicking here

Orange Badge

This exercise is part of the Orange Badge.