0.01 Class 10 XSS - cloudsecuritylabs/ethicalhackingclass GitHub Wiki

XSS

https://sagarvd01.medium.com/learning-xss-with-googles-xss-game-f44ff8ee3d8b
Samy my hero! https://www.vice.com/en/article/wnjwb4/the-myspace-worm-that-changed-the-internet-forever
AJAX https://www.w3schools.com/xml/ajax_intro.asp

Lab 1 and 2 is much easier with Docker:

sudo apt install docker.io
sudo docker run -d -p 8000:80 raesene/bwapp
localhost:8000/install.php

Lab:

http://localhost:8181/lfi-lab/generate.php?name=<annotation+content= ""+file = "admin/index.php"+/>
http://localhost:8181/lfi-lab/generate.php?name=<annotation+content= ""+file="admin/log.txt"+/>
http://localhost:8181/lfi-lab/admin?param=LFI_is_great&pass=NewPassFor2019!!