I wonder how would it be possible to learn xss and solve labs realted to it on port swigger academy if you wouldn't be there to explain these labs in detail
In the previous lab web added DOMContentLoaded to make sure a csrf token was generated before our script was exploited. I am not sure why this time DOMContentLoaded was not used. @z3nsh3ll is it because we assume that a csrf token will already have been generated or some other reason? Btw good explanation and video.
@@ra1Lgunn3r this time the function triggers when the password input is changed, and there's no way to change it before the DOM is loaded (and csrf token is generated)
we introduced the input fields ... to trick the browser to think that okay... "I have it saved somewhere with me the credentials and I should supply them 2 these input fields?? " is it correct ?
Yes, the browser is trying to be helpful by automatically supplying saved username and passwords to input fields. The browser may not always be able to tell the difference between the legitimate input fields and malicious input fields. The browser won't submit the username and password without the user's permission, however, simply filling the fields out is enough for us to be able to access them if we have JavaScript running in the victim's browser.
Hax() is a user defined custom function, not part of JavaScript. It simply creates a form along with the CSRF token and sends it to the /post/comment URL
I wonder how would it be possible to learn xss and solve labs realted to it on port swigger academy if you wouldn't be there to explain these labs in detail
does anyone knows how the browser automatically sends the password of administrator and then the function posts it
thank you for this detailed explination no one did it like you ❤❤❤
man beautiful video you are really good teacher
Yo...
That's cool bro....🔥🔥🔥🔥
Real good tut, thank you
Just a little question Why didn't we added "DomContentLoaded" event listner to the window just like the previous lab exploit here ?
In the previous lab web added DOMContentLoaded to make sure a csrf token was generated before our script was exploited. I am not sure why this time DOMContentLoaded was not used. @z3nsh3ll is it because we assume that a csrf token will already have been generated or some other reason? Btw good explanation and video.
@@ra1Lgunn3r this time the function triggers when the password input is changed, and there's no way to change it before the DOM is loaded (and csrf token is generated)
Hello! Where i can ffound the no officail code?
we introduced the input fields ... to trick the browser to think that okay... "I have it saved somewhere with me the credentials and I should supply them 2 these input fields?? " is it correct ?
Yes, the browser is trying to be helpful by automatically supplying saved username and passwords to input fields. The browser may not always be able to tell the difference between the legitimate input fields and malicious input fields. The browser won't submit the username and password without the user's permission, however, simply filling the fields out is enough for us to be able to access them if we have JavaScript running in the victim's browser.
What does the hax function do?
Hax() is a user defined custom function, not part of JavaScript. It simply creates a form along with the CSRF token and sends it to the /post/comment URL
@@z3nsh3ll Can we use any name instead of hax?
@@JohnWick-fy9kp Yes, that's just a custom name. We can call the function anything we want.
or you can use a webhook
very good bro
👏👏👏👏👏👏👏