In this video, I work through The Sticker Shop challenge room on TryHackMe. This requires using Cross-Site Scripting (XSS) to steal a file only available to the administrator.
I created a Python script to automate this process and show how to use it to solve this challenge.
Enjoy!
-----
Tool: https://github.com/TeneBrae93/ctf-scripts/blob/main/xss-data-extract.py
Hack Smarter: https://hacksmarter.org