TryHackMe: Advent of Cyber - Day 5 - Pesky Elf Forum
This is a write up for the Day 5 - Pesky Elf Forum challenge in the Advent of Cyber room on TryHackMe. Some tasks may have been omitted as they do not require an answer.
What flag did you get when you disabled the plugin?
After logging in a McSkidy, we add a comment to check if a Stored XSS vulnerability is present.
Add an underline to the text and as it is rendered, Stored XSS is present.
<u>test</u>
As we are trying to change the Grinch’s password, we can add a comment with the follow code.
<script>fetch('/settings?new_password=pass123');</script>
We can now attempt to log in as the Grinch.
grinch:pass123
Disabling the ‘Christmas to Buttmas’ plugin reveals the following flag.
Answer: THM{NO_MORE_BUTTMAS}
Recap
In this task we learnt:
- What is an XSS vulnerability
- What Types of XSS vulnerabilities there are Challenge Walkthrough