Mutillidae DOM Data
DOM(Document Object Model) client side normal attack
Why is DOM attack
DOM attack are use normally to inject the HTML tag attack , for example we have a comment box and we write some text with the html tags like : <b> ,<u> ,<del> etc.
Example Security label : 0
Do you know? why we use here sql-injection method to extract the data. Because the data display using the server scripting language by Sql fetch method.
- Open HTML 5 Web Storage page
- Just fill the input box as <h1>Your Text</h1>
Now click Add New , You can see the Tag are cross the html and exicute
Security label : 1
- Just fill the first input box as
- fill the second input box as Choose city
After click the Add New button , You can see this option box
💡 Tip : You can add the any HTML tag element