Exploiting XSS in websockets

gramas19 · October 10, 2023, 12:58am

Hello!

I have been stuck on the section Exploiting XSS in websockets in the module “MODERN WEB EXPLOITATION TECHNIQUES” where I have to obtain the admin user’s cookie.

I have a working payload and when I send the payload to the local machine with document.domain I can see the domain, but it does not work with document.cookie because some firewall is preventing me from exfiltrating the cookie.

Has anyone managed to solve this section?

EsTX · November 4, 2023, 2:43pm

Were you able to obtain the flag?

gramas19 · November 4, 2023, 3:00pm

Unfortunately I haven’t been able to obtain the flag yet

EsTX · November 4, 2023, 3:06pm

neither do I
This section is more difficult than the others

EsTX · November 9, 2023, 10:04pm

Anyone to need help to complete this section, little hint:

Payload: <img src="x" onerror=socket.send(doc...)>

and remember, there are 2 endpoints /userws and /adminws

gramas19 · November 10, 2023, 3:07pm

Thank you! I managed to solve the exercise now

jsll · January 21, 2024, 9:23am

Hello everyone, has anyone completed the skill assessment? I needed 1 - 2 tips on how to get the passwords for the users admin and htb-stdnt.

Ginnz · August 29, 2024, 2:54pm

i was try document.cookie but don’t work. Have another idea?

Ginnz · September 4, 2024, 1:48am

After send about 40 request in about 3s, i have flag!

Topic		Replies	Views
Whitebox Attacks - Prototype Pollution Academy academy-help	13	667	October 18, 2024
Abusing http misconfigurations Academy	22	1720	March 20, 2024
XSS (Cross-site scripting) Skills Assessment Academy	3	857	March 28, 2024
HTTP Attacks - HTTP Response Splitting Academy	25	1089	December 7, 2024
ADVANCED XSS AND CSRF EXPLOITATION - Skills Assessment Academy	30	1881	December 16, 2024

Exploiting XSS in websockets

Related topics