Bug Bounty - GitBook


XSS WAF Bypass by multi-char HTML entities
&fjlig; translates to fj
&nvgt; translates to > + [?]
&nvlt; translates to < + [?]
[?] - Unicode symbol
@GitBook_s

Are there any members from Turkey in the channel?

Due to Telegram's copyright law, I want to create a private channel to send files there. Do you agree?

Updated

Unfortunately, Telegram's rules have become much stricter than before.

How to Perform Session Hijack with XSS + Session Fixation When the Session Cookie is HttpOnly

Steps:
1) Create a session cookie with an unauthenticated session value on the /login path using JavaScript.
2) Force the user to log out.
3) When the user logs back in, they will use the unauthenticated session.

Details: The attacker creates a session cookie on another browser, then injects that session into the victim's account by overriding the existing HttpOnly cookie with a similar cookie name but a different value on a different path.

sess=aaaa; path=/login; expires=Fri, 17 Jun 2024 10:00:00

When the login form is submitted, it will contain two cookies. The one created with JavaScript on the /login path will be first, followed by the HttpOnly cookie on the different path /.

Cookie: sess=aaaa; sess=bbbb;

Since the website has a Session Fixation bug, no new session will be generated when the user logs in. Because there are two session cookies, only the first one from the attacker (sess=aaaa) will be used, and the logged-in user will be attached to it. The final step is to use the unauthenticated session that was previously created on the attacker's browser for all website actions from the attacker's side.

@GitBook_s
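The server-side fix for the flow above, as an added example that is not part of the original post: the login handler discards every session id the browser presented, issues a fresh one, and expires path-scoped copies when the Cookie header carries the session name twice. SessionStore, its in-memory dict and the host-only cookie scope are assumptions made for illustration; only the cookie name sess comes from the post.

```python
import secrets

SESSION_COOKIE = "sess"  # cookie name used in the post

def session_values(cookie_header, name=SESSION_COOKIE):
    """Return every value sent for `name`, in header order, keeping duplicates."""
    values = []
    for part in cookie_header.split(";"):
        key, sep, value = part.strip().partition("=")
        if sep and key == name:
            values.append(value)
    return values

def path_prefixes(request_path):
    """Non-root path prefixes a shadowing cookie could be scoped to."""
    segments = [s for s in request_path.split("/") if s]
    return ["/" + "/".join(segments[:i]) for i in range(1, len(segments) + 1)]

class SessionStore:
    """Hypothetical in-memory store: session id -> user (None = not logged in)."""

    def __init__(self):
        self.sessions = {}

    def create(self, user=None):
        sid = secrets.token_urlsafe(32)
        self.sessions[sid] = user
        return sid

    def login(self, cookie_header, request_path, user):
        """Authenticate `user` without ever promoting a pre-login session id."""
        presented = session_values(cookie_header)
        for sid in presented:              # invalidate every id the browser sent
            self.sessions.pop(sid, None)
        new_sid = self.create(user)        # fresh id that no other browser holds
        headers = [f"{SESSION_COOKIE}={new_sid}; Path=/; HttpOnly; Secure; SameSite=Lax"]
        duplicated = len(presented) > 1    # e.g. "sess=aaaa; sess=bbbb;"
        if duplicated:                     # expire host-only copies on narrower paths
            headers += [f"{SESSION_COOKIE}=; Path={p}; Max-Age=0"
                        for p in path_prefixes(request_path)]
        return new_sid, headers, duplicated
```

The duplicated flag is worth logging: a browser does not normally send the same session cookie name twice in one request.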

@GitBook_s ... finding XSS is very learnable. You do not need to be a JavaScript expert. You just need to know where to look and what to inject. XSS Testing Checklist: 12 Important Test Cases Every Security Tester Should Know #BugBounty #xss

🔥 Recon is not about running tools. Recon is about discovering opportunities others overlook.