This lab demonstrates a DOM-based redirection vulnerability that is triggered by web messaging. To solve this lab, construct an HTML page on the exploit server that exploits the vulnerability and alerts document.cookie.
Go to the exploit server and add the following iframe to the body, remembering to replace your-lab-id with your lab ID:
Store the exploit and deliver it to the victim.
Want to track your progress and have a more personalized learning experience? (It's free!)