filmov
tv
Exploiting Cross-site Scripting to Steal Cookies Without Collaborator
Показать описание
We look at a XSS attack that steals cookies based on Burp's web security lab with the title 'Exploiting cross-site scripting to steal cookies'.
This lab is designed to be solved with Burp collaborator but this is only available in the professional edition in Burp. There is an alternative solution that does not involve Burp collaborator but it's quite a bit harder and involves an additional CSRF vulnerability.
We walk through the alternative harder solution to this lab which does not require Burp collaborator. Once the cookies is stolen we then transition into an active session hijacking attack for a full account takeover.
Exploiting Cross-site Scripting to Steal Cookies (Without Burp Collaborator - Alternative Solution)
Support This Channel
======================
Please like and subscribe, it means a lot!
Please buy me a coffee so I can continue to make content.
Join our Discord
00:00 Introduction
00:35 Burp collaborator
01:49 General XSS attack procedure
03:53 Exploring the lab
06:13 Post comment http request
07:40 Bypassing CSRF protection
09:47 Writing an exploit
14:14 Submitting the payload
15:20 Session hijacking
16:06 Lab summary
This lab is designed to be solved with Burp collaborator but this is only available in the professional edition in Burp. There is an alternative solution that does not involve Burp collaborator but it's quite a bit harder and involves an additional CSRF vulnerability.
We walk through the alternative harder solution to this lab which does not require Burp collaborator. Once the cookies is stolen we then transition into an active session hijacking attack for a full account takeover.
Exploiting Cross-site Scripting to Steal Cookies (Without Burp Collaborator - Alternative Solution)
Support This Channel
======================
Please like and subscribe, it means a lot!
Please buy me a coffee so I can continue to make content.
Join our Discord
00:00 Introduction
00:35 Burp collaborator
01:49 General XSS attack procedure
03:53 Exploring the lab
06:13 Post comment http request
07:40 Bypassing CSRF protection
09:47 Writing an exploit
14:14 Submitting the payload
15:20 Session hijacking
16:06 Lab summary
0:18:45
Exploiting Cross-site Scripting to Steal Cookies Without Collaborator
0:04:02
Exploiting cross-site scripting to steal cookies (Video solution, Audio)
0:02:03
Exploiting cross site scripting to steal cookies (Video solution)
0:05:08
Exploit Cross-Site Scripting(XSS) To Capture Cookies
0:12:03
Exploiting cross-site scripting to steal cookies | PORTSWIGGER
0:03:51
Exploiting cross-site scripting to steal cookies
0:03:31
Exploiting cross-site scripting to steal cookies | Portswigger Academy
0:03:59
13.29 Exploiting cross-site scripting to steal cookies
0:22:46
Exploiting cross site scripting to steal cookies (XSS Blind) | Bug Bounty
0:06:33
Exploit Cross-Site Scripting(XSS) To Capture Passwords
0:15:44
Exploiting Cross-site Scripting to Capture Passwords (No Collaborator)
0:02:41
Exploiting cross site scripting to steal cookies
0:09:31
Cross-Site Scripting (XSS) Explained And Demonstrated By A Pro Hacker!
0:04:32
Exploiting cross-site scripting to steal cookies
0:11:51
How Hackers Use Stored Cross Site Scripting (XSS) to Steal Session Cookies (and how to mitigate it)
0:12:31
Exploiting cross-site scripting to steal cookies | PortSwigger XSS Labs 21
0:23:18
Exploiting cross-site scripting to steal cookies without burpsuite collaborator - Lab#22
0:01:39
Exploiting cross-site scripting to steal cookies
0:16:17
Exploiting Reflect cross-site scripting to steal cookies
0:04:21
Exploiting cross-site scripting to steal cookies | Portswigger
0:14:26
Exploiting Cross-Site Scripting(XSS) to Steal Cookies
0:07:29
Résolution de Lab: Exploiting cross-site scripting to steal cookies avec Owasp Zap.
0:05:17
Portswigger Web Academy XSS: Exploiting cross-site scripting to steal cookies #176
0:11:30
Steal cookies by exploiting stored XSS
Комментарии