DVWA Exercises 3
Last updated
Was this helpful?
Last updated
Was this helpful?
Let's type in a password and grab the request in Burp
The attacker must prepare a Website with a manipulated string. This attack only works if the victim is logged in on the target website (session cookie must be valid) and clicks on the manipualted link.
Attackers Side:
cd /home/hacker
mkdir webroot
python3 -m http.server 8001
Create a html file with the following content:
Victim Side:
Attack string:
<img src="