<img src="https://ws.zoominfo.com/pixel/hkRMM7MKhy86AAkcdZ8j" width="1" height="1" style="display: none;"> Stealing Contact Form Data on hackerone.com using Marketo Forms XSS Lesson

About This Walk-Through

hacktivity-hacker2-1

Hacker2 Application

Hacker2.com, much like HackerOne, is a bug bounty platform that uses a service, Marketoe, to power its contact forms.

Hacktivity Hacker

Marketoe Application

Marketoe, an app much like Marketo, powers the contact form on our target application. It communicates with the Target application via PostMessage.

Hack the Sandbox for Free

Try Sandbox Free

Learn more about our Secure Development Training for Developers

Learn More