O'Reilly logo

Kali Linux CTF Blueprints by Cameron Buchanan

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Exploitation guides

The following are exploit guides for the scenarios created in this chapter. These are guidelines and there are more ways to exploit the vulnerabilities.

Scenario 1 – cookie theft for fun and profit

The brief provided for this exploitation guide is assumed to be: steal the admin user's cookie from <IP>/input.php. Perform the following steps for this scenario:

  1. The first thing to do is to the browse the website. We can see that we have an input box.
  2. The brief says, "steal a cookie", so we can assume this is a cross-site scripting attack. We can add test messages to see whether the input is returned to us. As it doesn't return the input, we must assume that it's being passed to the admin somewhere as the brief suggests that an admin ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required