Puzzle 02
Leverage a PHP trick to bypass CSP
In this lab, you will explore how to trigger a Cross-Site Scripting (XSS) vulnerability by exploiting a specific limitation in PHP's header() function. The header() function is used to set HTTP headers, including the Content-Security-Policy (CSP) header. However, if any part of the HTTP response body has already been sent, header() can no longer add headers. This limitation can be exploited by causing the application to generate warnings or errors that are written to the response before the call, thereby preventing the CSP header from being set properly.

For this specific challenge, you can trigger a warning by sending 1000 HTTP parameters, which prevents the header() function from setting the CSP header. Without the CSP header, the application is exposed to XSS. A more robust method to set CSP policies is through the web server or a reverse proxy, which removes the reliance on PHP and minimizes the risk of warnings or errors disrupting the header-setting process.
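
One way to make the application fail closed when the policy cannot be attached, shown beside the fragile pattern the lab relies on. This is an added example, not code from the original lab; the policy string, the function names and the name parameter are assumptions.

```php
<?php
declare(strict_types=1);

// Assumed policy for illustration; the lab's real policy is not shown on the page.
const CSP_POLICY = "default-src 'self'; script-src 'self'";

// Fragile pattern: if a warning has already been written to the response,
// header() cannot add the policy, and the page is still served without it.
function send_csp_fragile(): void
{
    header('Content-Security-Policy: ' . CSP_POLICY);
}

// Hardened pattern: check whether output has started and refuse to render
// the page when the policy can no longer be attached.
function send_csp_or_abort(): void
{
    if (headers_sent($file, $line)) {
        // Log where the early output came from so the root cause can be fixed.
        error_log("CSP header not sent; output began at {$file}:{$line}");
        exit('Request aborted: security headers could not be applied.');
    }
    header('Content-Security-Policy: ' . CSP_POLICY);
}

send_csp_or_abort();

// The body is rendered only after the policy is in place. Input is still
// encoded on output: CSP is a second layer, not the XSS fix itself.
$raw  = $_GET['name'] ?? 'guest';          // hypothetical parameter
$name = is_string($raw) ? $raw : 'guest';  // reject array-valued input
echo '<p>Hello, ' . htmlspecialchars($name, ENT_QUOTES, 'UTF-8') . '</p>';
```

The check only detects that output started early. Keeping display_errors off in the production PHP configuration and setting the header at the web server or reverse proxy, as recommended above, removes the condition itself.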