Book Image

Kali Linux CTF Blueprints

By : Cameron Buchanan
Book Image

Kali Linux CTF Blueprints

By: Cameron Buchanan

Overview of this book

Table of Contents (14 chapters)
Kali Linux CTF Blueprints
About the Author
About the Reviewers

Scenario 1 – maxss your haxss

This scenario will allow you to create a very basic application that will accept input from a user and return it in the HTML code of another page. This should indicate to you that it's likely to be a cross-site scripting (XSS) attack. I'm going to give you some very boring-looking code, and you can dress it up later if you wish.

A section on attacks against users and social engineering wouldn't be complete without even a brief mention of XSS—that most basic and pervasive of attacks. The merest mention of vulnerability to this attack used to make information security officers sweat; now they barely nod. It is accepted that one of the first things that a hacker or computer deviant learns is how to perform XSS. For those that don't know, XSS is the act of forcing JavaScript into the HTML of a web page and using it to perform actions. It can be used to deface websites and generally cause mischief and upset; however, its most widespread use is to steal unprotected...