Notes (for all stages): * NEVER DO ANY ATTACKS EXCEPT XSS. * DO NOT USE ANY AUTOMATED SCANNER (AppScan, WebInspect, WVS, ...)
* Some stages may fit only IE.
Ranking (optional):
If you want to participate in ranking, please register here now.
(You should register before tackling stage #1.)
What you have to do:
Inject the following JavaScript command: alert(document.domain);