Запретный код 2 (Forbidden Code 2) — HackerLab

hackerlab

Task: Web app with login system that logs failed attempts with User-Agent. Solution: Stored XSS via User-Agent injection, bypassing WAF with string concatenation and bracket notation, stealing admin cookies via location redirect.

waf_bypass xss stored_xss cookie_stealing user_agent_injection

string_concatenation_bypassbracket_notationsvg_onloadlocation_redirect

$ ls tags/ techniques/

waf_bypass xss stored_xss cookie_stealing user_agent_injection

string_concatenation_bypassbracket_notationsvg_onloadlocation_redirect

Analysis

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat.

$ python3 exploit.py --target 192.168.1.1 --port 8080
[*] Connecting to target...
[+] Shell obtained!

Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.

Permission denied (requires tier.pro)

Sign in to access full writeups

$sign in

$ grep --similar

Similar writeups

[web][Pro]Запретный код (Forbidden Code)— hackerlab
[web][Pro]Авторизация 2.0 (Authorization 2.0)— hackerlab
[web][Pro]Доступ запрещён (Access Denied)— hackerlab
[web][Pro]Базовая авторизация 3 — HackerLab— hackerlab
[web][Pro]Базовая авторизация 2 (Basic Auth 2)— hackerlab