0x06 Level 6: Student Center
In this exercise, you get to maintain a student list.
In this level, there are 6 vulnerabilities, falling into the following classes:
Note: Your changes are only persisted for your current session.
<form action="http://levels-b.hacker101.com/level6/post_add" method="POST">
  <input type="text" name="firstname" value="CSRF"><br>
  <input type="text" name="lastname" value="TEST"><br>
  <input id="button" type="submit">
</form>
0x07 Level 7: Guardian
In this exercise, you lack credentials.
In this level, there are 2 vulnerabilities, falling into the following classes:
0x08 Level 8: Document Exchange
In this exercise, you’re given the power of file uploads.
In this level, there are 5 vulnerabilities, falling into the following classes:
In theory, you shouldn't be able to overwrite templates/code for the coursework, but that's not 100% so try not to do it, please!
Change the MIME type to an XSS payload
https://levels-b.hacker101.com/level8/view/1281?download=True and 0