> pwn.now.sh

An Exploit Dev Target

This page is vulnerable to many of the common web attack vectors. It also has secrets stashed in various locations. Feel free to use it to develop or practice your attacks. See some examples. View the source.

Use POST

HTTP Header Cookie CSS(HEAD) CSS(BODY) <HEAD> <BODY> <SCRIPT>

Use GET (Overides POST Values)

To inject content into the HTTP Header use the header parameter like this

To inject content into the Cookie use the cookie parameter like this

To inject CSS into the <HEAD> use the css parameter like this

To inject CSS into the <BODY> use the css2 parameter like this

To inject content into the <HEAD> tag use the head parameter like this

To inject content into the <BODY> tag use the body parameter like this

To inject content into the <SCRIPT> tag use the script parameter like this

The BODY secret value is:

SECRET_SQUIRREL.4430422228146