trinetra.
cyber defense — learn
tutorials · lab 05 · stored xss cookie theft
05 / 10 · MARKET
03step · do it for real

A real comment box. A real admin bot. Your turn.

You've seen the script become the cookie. Now spawn an isolated blog with a vulnerable comment endpoint and an admin bot that visits new comments every 30 seconds. Catch the cookie on your listener; decode the flag.

Sandbox · ready to launch

Spawn stored-xss-cookie-theft

You'll get blog.acme.test (Node + Express + SQLite) plus a headless-Chrome admin bot and a netcat listener. Post a payload to /post/1/comment, wait for the bot to render it, capture the cookie, submit the flag. Session times out after 60 minutes of idle.

intermediate 250 xp ~45 min Node 20 · Puppeteer · 512 MB · cap-drop ALL
1POST a <script> payload to /post/1/comment
2Wait for the admin bot to render your comment
3Decode the captured cookie and submit the flag
Warm-up · 12 flashcards & 10 questions
Question
click to reveal · ← → keys to browse
Answer
click again to flip back
01 / 12