HTML Injections (HTMLi) Lab

Infosec Learning
Virtual Lab

HTMLi is the process of inserting unauthorized HTML elements into client-side files, which renders and alters the original webpage. In this lab we will add some vulnerable PHP code embedded in HTML to our custom homepage. Then, we will exploit the vulnerable code with an HTMLi attack using a method known as form stealing. Lastly, we will demonstrat...

Time
1 hour 30 minutes
Difficulty
Intermediate
Share
NEED TO TRAIN YOUR TEAM? LEARN MORE
Join over 3 million cybersecurity professionals advancing their career
Sign up with
or
View all SSO options

Already have an account? Sign In »

Overview

HTMLi is the process of inserting unauthorized HTML elements into client-side files, which renders and alters the original webpage. In this lab we will add some vulnerable PHP code embedded in HTML to our custom homepage. Then, we will exploit the vulnerable code with an HTMLi attack using a method known as form stealing. Lastly, we will demonstrate how an HTML-injected webpage can be used during a spear phishing attack.

Learning Partner
Infosec Learning

Infosec Learning provides businesses, colleges, governments, and K-12 school districts a feature rich information technology training and skill assessment service via an advanced, cloud based, virtual machine powered platform, capable of significant customization with unlimited scale and growth potential.

Similar Content
HTMLi Vulnerability and Mitigation Lab
HTMLi Vulnerability and Mitigation Lab

PHP has many filters that can be used to mitigate attacks. However, if the filters ...

Infosec Learning
Virtual Lab
Intermediate
Introduction To OWASP Top Ten: A1 - Injection - Scored
Introduction To OWASP Top Ten: A1 - Injection - Scored

This module for the Introduction to OWASP Top Ten Module covers A1: Injection.

CYBRScore
Virtual Lab
Intermediate
CompTIA Security+ 501
CompTIA Security+ 501

Empower yourself as a security professional by gaining the fundamental knowledge for securing a network ...

Practice Labs
Virtual Lab
Beginner