Back to Home

Day 2 of #100DaysOfHacking consistently

Post on 28 May 2023 | 1 min read

Day 2 - Solved SQLi, XSS labs and pwned valley machine on Tryhackme.

SQLi labs solved

web-img-1

XSS labs completed

web-img-1

Following labs completed.

# Day 2 - Solved SQL injection and XSS labs from portswigger web security academy

Labs: https://portswigger.net/web-security/all-labs

Leaning path: https://portswigger.net/web-security/learning-path

# SQLi

1. SQL injection UNION attack, finding a column containing text
2. SQL injection UNION attack, retrieving data from other tables
3. SQL injection UNION attack, retrieving multiple values in a single column

# XSS

1. Reflected XSS into HTML context with nothing encoded
2. Stored XSS into HTML context with nothing encoded
3. DOM XSS in document.write sink using source location.search
4. DOM XSS in innerHTML sink using source location.search
5. DOM XSS in jQuery anchor href attribute sink using location.search source

# Tryhackme

room completed:

https://tryhackme.com/room/valleype
Back to Home
preloader