In Excercise 5 Question 2b - Actual Clobbering

0 votes
In Excercise 5 Question 2b - Actual Clobbering. It is asking for the string (element) we can inject as an attacker.

Here inject means, we are allowed to change the HTML file and add our element directly to the file
or
does it mean that we should enter our string in the input filed and that input should change the action of the form ?

Regards,
in ex01 by
edit history

1 Answer

0 votes

Hi,

you can change the HTML for your own testing.

You should not use the input field to enter your solution.

However, please ONLY submit the injected elements.

Example:
Your submitted solution should only have the following content, if it is everything that you injected:

<element attribute="value"></element>

I hope this clears that up. Otherwise, do not hesitate to ask again, please.

Cheers
Sebastian

by (1.2k points)
edit history
0
It does, thanks.
by