We covered practical HTML Forms Injection using Burp Suite to solve Challenge 10 in OWASP Hackademic free lab.

We can test for HTML Injection by changing the value of the query parameter with html code Or this can be done via a proxy interceptor when the HTTP request is POST.

In the stored version of HTML Injection, we can use the same malicious login code used in the case of reflect HTML injection but the place of injection would be any input box in the website such as comment areas, search forms and other places that take user input.

Get OSCP Certificate Notes

The Complete Practical Web Application Penetration Testing Course

Video Walkthrough

CTF Writeup, HTML, HTML Injection, OWASP, OWASP Hackademic, Penetration Testing

Show Comments

Motasem

About the Author

I create cybersecurity notes, digital marketing notes and online courses. I also provide digital marketing consulting including but not limited to SEO, Google & Meta ads and CRM administration.

View Articles

HTML Forms Injection Explained | EP1 | OWASP Hackademic | Challenge 10

Leave a Reply Cancel reply

Motasem

About the Author

Other stories

From Web Into SSH Shell | Covfefe VulnHub CTF WalkThrough

Practical Command Injection with Burp Suite | EP2 | OWASP Hackademic | Challenge 008

Press ESC to close

HTML Forms Injection Explained | EP1 | OWASP Hackademic | Challenge 10

Leave a Reply Cancel reply

Motasem

About the Author

Share Article:

Other stories

From Web Into SSH Shell | Covfefe VulnHub CTF WalkThrough

Practical Command Injection with Burp Suite | EP2 | OWASP Hackademic | Challenge 008