Challenge 21: Javascript for Pentesters
Welcome John!
API Endpoints
www
Objectives:
Find John's Secret Questions+Answers using an XSS vulnerability on this page
Display the Questions+Answers in the div with id "result"
Send the Questions+Answers to your Attack Server
No Hardcoded values can be used - everything has to be figured out dynamically
Hints:
Remember what you have learnt at
Pentester Academy