Re: Help with http://xss-quiz.int21h.jp

[Vinox <vinoxious () gmail com>]

Hello Yawnmoth,

                         yes you are quite right .. because everything is
being done in the response of the server.. so I cannot even figure looking
at the source code.... Ofcourse I will need to understand Javascript fully
.. what do you think about it ??

thanks andr regard,
Vinox



yawnmoth wrote:
> javascript:alert(document.domain);
>
> I am curious, incidentally, as to what kind of XSS that would qualify
> as.  It's kinda reflected in that the GET or POST request must contain
> the payload, but it also requires user intervention.  Also, given the
> nature of this XSS, I don't think you can even do clickjacking with
> it.
>
> On Tue, Nov 25, 2008 at 1:28 AM, Vin Oxious <vinoxious () gmail com> wrote:
> > Hello Friends,
> >
> >                      I need help with the site :
> > http://xss-quiz.int21h.jp based on XSS Challenge.. I am not able to
> > figure out how to proceed any further at the stage :
> >
> > http://xss-quiz.int21h.jp/stage008.php?sid=c7bd38c2914d016b2be6c9adb9ef64b671d57e75
> >
> > If help would be appreciated
> >
> > thanks and regards
> > Vinox

-- 
View this message in context: http://www.nabble.com/Help-with-http%3A--xss-quiz.int21h.jp-tp20683507p20696500.html
Sent from the Security Basics mailing list archive at Nabble.com.