🧪 DOM-Based XSS Lab (Home Page)

📌 Info

This lab contains a DOM-based cross-site scripting (XSS) vulnerability on the home page.

It uses jQuery's $() selector function to auto-scroll to a given post, whose title is passed via the location.hash property.

🎯 Goal

Deliver an exploit to the victim that calls the print() function in their browser.

⚠️ Vulnerability

• The application uses jQuery to auto-scroll to a target post.
• The target post is taken directly from location.hash.
• No filtering or sanitization is applied.
• This allows malicious payloads to be injected and executed.

Example of normal usage:

<https://vulnerable-website.com/#post1>

🛠️ Exploitation Steps

1. Replace the post ID with a malicious payload:

   <https://vulnerable-website.com/#><img src=print()>
   
   

   → This demonstrates injection, but it is not enough for solving the lab.

2. Since the lab requires delivering the exploit via the exploit server, we must embed the payload in an iframe.