Difficulty
Beginner
Details
This exercise explains how you can use a Cross-Site Scripting vulnerability to get access to an administrator's cookies. Then how you can use his/her session to gain access to the administration to find a SQL injection and gain code execution using it.
What you will learn?
- Cross-Site Scripting exploitation
- MySQL injection with FILE privilege
VulnHub