
01 - Reflected XSS into HTML context with nothing encoded

This lab contains a simple reflected cross-site scripting vulnerability in the search functionality. To solve the lab, perform a cross-site scripting attack that calls the alert function.


End goal: call the alert function


Start the lab. The homepage has a search function that takes some input and shows the matching results. If I search for the word cs, it gets reflected at the top of the search input box.

That means it is possibly getting concatenated into the result title.

This time we search with a simple payload that uses a script tag to execute JavaScript, with an alert function inside that JS code so that we can visibly tell whether the script executed or not.

Payload: <script>alert(1)</script>


After clicking the search button, an alert pops up, which indicates that the script was executed.
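The reflection described above, as an added example that is not the lab's own code: a hypothetical results renderer that concatenates the search term into the title, next to a version that HTML-encodes it first. The function names and the heading format are assumptions made for illustration.

```javascript
// Added example: hypothetical search-results renderer, not the lab's code.

// HTML-encode the five characters that are significant in HTML text and
// in quoted attribute values.
function escapeHtml(value) {
  const entities = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return String(value).replace(/[&<>"']/g, (ch) => entities[ch]);
}

// Vulnerable: the search term is concatenated into the result title as-is,
// so any markup in it becomes part of the page ("nothing encoded").
function renderResultsVulnerable(term, count) {
  return `<h1>${count} search results for '${term}'</h1>`;
}

// Hardened: the term is encoded for the HTML context before it is reflected,
// so the browser shows it as text instead of parsing it as a tag.
function renderResultsSafe(term, count) {
  return `<h1>${count} search results for '${escapeHtml(term)}'</h1>`;
}

// Regression check: true when a term containing angle brackets appears
// unencoded in the rendered HTML.
function reflectsRawMarkup(html, term) {
  return /[<>]/.test(term) && html.includes(term);
}

// Constructed inputs: the plain search word and the payload from the write-up.
const samples = ['cs', '<script>alert(1)</script>'];
for (const term of samples) {
  const bad = renderResultsVulnerable(term, 0);
  const good = renderResultsSafe(term, 0);
  console.log(JSON.stringify({
    term,
    vulnerableReflectsMarkup: reflectsRawMarkup(bad, term),
    safeReflectsMarkup: reflectsRawMarkup(good, term),
    safeOutput: good,
  }));
}
```

A plain word such as cs renders identically in both versions; only input containing HTML metacharacters is changed by the encoding.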


Lab solved.