Description:
Many web sites these days are prone to XSS (Cross Site Scripting) attacks. Some web applications uses simple XSS filters to protect against XSS attack. But there are many ways to bypass those filters.
Objective:
This challenge is a simple XSS challenge. You are required to inject a simple alert to display "sectester rocks". For this challenge, You will learn to launch XSS attack and bypass simple XSS filters. This will be the fundamental for tougher challenge in future.
Environment:
The challenge was created with simple HTML and PHP.
The URL: Email me if you interested
Rules:
* Do not change the source code. You are suppose to inject script.
* It is a code challenge, manipulate the data not crack the server.
Technical resources:
http://en.wikipedia.org/wiki/Cross-site_scripting
- Basic on Cross Site Scripting
Feel free to provide comments on this challenge.
No comments:
Post a Comment