Detect the XSS Vulnerability

In this lab, you will take on the role of a security analyst tasked with auditing an online store that appears to function normally. However, unusual behavior has recently been reported when interacting with certain features of the site. It is suspected that there may be an active vulnerability allowing an attacker to manipulate page content.

Your job is to inspect the application with a critical mindset, identify any weak points in user input handling, and determine if there is a functionality exposed to exploitation.

In this lab, you will practice:

• Identifying abnormal responses in web applications
• Logical reasoning from a defensive (Blue Team) perspective

🌱 How to start this lab

👉 This challenge uses the same virtual machine as the previous lab: Pwned! - Find the backdoor. If you already downloaded it, there's no need to do it again.

1. If you don't have it yet, download the virtual machine from this link:

1    https://storage.googleapis.com/cybersecurity-machines/web-threats-lab.ova

1. Import the virtual machine into VirtualBox or VMware.
2. Start the VM and open the website in your browser:

1    http://<ip_machine>/softwarelicenser/

1. When needed, you can log in using the credentials: student:4geeks-lab.

Your Mission

SoftwareLicenser is a live online store currently under internal review. Some users have reported strange behavior when browsing certain pages or submitting forms. Your mission is to inspect the application as a Blue Team analyst, identify any suspicious interactions, and determine if there's a vulnerable endpoint that allows malicious content injection.

Validation

If you manage to identify the compromised file, you’ll be able to validate it and close the incident — the system will reveal what you're looking for to confirm your findings.

1validate-xss

Good luck, Analyst!