Lesson Plan Title: How to Perform DOM Injection Attack.

Concept / Topic To Teach:

How to perform DOM injection attacks.

How the attacks works:

Some applications specially the ones that uses AJAX manipulates and updates the DOM directly using javascript, DHTML and eval() method.
An attacker may take advantage of that by intercepting the reply and try to inject some javascript commands to exploit his attacks.

General Goal(s):

* Your victim is a system that takes an activation key to allow you to use it.
* Your goal should be to try to get to enable the activate button.
* Take some time to see the HTML source in order to understand how the key validation process works.