Questions and Answers

How do I collect points?

  • +5
    Chosen as best answer
  • +1
    Posted answer
  • +1
    Posted question
  • +1
    Thumb up
  • -1
    Thumb down

by x0000000000000000000000000000000000000 in Challenge Help about April 19, 2017 open - report

Basic 41 XSS

Please help, I can't figure it out and I fail a class if I can't figure this out. I've tried using <script> tags, escaping with single quotes, escaping with double quotes, ending the function, and I CANNOT get any code to execute. I've read every thread on the forums, and nobody actually answers anything. Yes, I've read the XSS guides, so please don't just link, because I've tried everything on there and I'm just stuck. Please help.

I've inspected the DOM and sources at every step of the way, I just can't escape the string.

Here's some of what I've tried:




'+'}), (and other variations to try and add another function)

I've tried manipulating the $page variable

I am just stuck, and I need this challenge to get my degree, so could anyone point me in the right direction please?

Answers: 3 • Score 0 • Views: 1630
Browse by
  • 3

    by blackmailer about August 3, 2017

    found it

    • Score: 0
  • 3

    by blackmailer about August 1, 2017

    I'm also stuck on this challenge. I got a working injection, I've got a stealer that is working and I know how to change the cookie. However the cookie is abit weird? 

    • Score: 0
  • 116

    by Nightraven about April 20, 2017

    Hello. You need a cookie stealer and a domain to put it. That should be a good hint ;)


    Also, if the injection is valid it will let you know, but you need to include the variable that holds the cookie info!

You must login to post an answer.