Комментарии:
Fantastic! I was incredibly frustrated only to find out I used MY ID instead of the actual lab ID LOL Thought that would be funny to mention.
Ответить
Hey , your analysis is wrong. The problem isn't contains() , its where the user input ends up , inside jquery selector $() ; Proof of concept is simple , in the console , do this
$("<img src=1 onerror=alert(1)>");
best👍👍👍👍👍
Ответить
With out your help, i struggled with this lab. Not convinced it should be 'apprentice level' on portswigger. Thankyou for your help.
Ответить
Thank you for the explanation that provides some context to all this!
Ответить
wow, this is amazing! i solved this box but without really knowing what i was doing but now your video makes it all clear! big thx :)
Ответить
why the lab was solved only by iframe ?
Ответить
Great explanation! How can we effectively analyze the js code? It contains so much data and functions
Ответить
It's a bit difficult to understand brother. Could you explain in simple terms? Even Though I work in cybersecurity, this is a bit tough.😁
Ответить
This a good video !!
Ответить
You are underrated
Ответить
Thank you for giving us some high level octane knowledge! You're the best!
Ответить
Thank you for the clear and very informative video.🎉🎉
Ответить
man this one was super aennoying
Ответить
great explanation, thanks mate
Ответить
why was this in the apprentice level though...its actually harder than most apprentice labs in XSS sections
Ответить
Very precise explanation, why do we need that iframe code?
Ответить
Awesome explanation, thanks mate!
Ответить
![Mechagodzilla Kills Skullcrawler | Godzilla vs. Kong (2021) [8K Upscale]](https://invideo.cc/img/upload/QTBxTUFDQUVuczY.jpg "Mechagodzilla Kills Skullcrawler | Godzilla vs. Kong (2021) [8K Upscale]")
