Challenge 19: Javascript for Pentesters

Welcome John!

User Settings for UID:3476 www

Objectives:

  1. Find John's Credit Card Number using an XSS vulnerability on this page
  2. Display the Credit Card Number in the div with id "result"
  3. Post the Credit Card Number to a simulated Attacker Server
  4. No Hardcoded values can be used - everything has to be figured out dynamically

Hints:

  1. Remember what you have learnt at Pentester Academy