xss – Page 27 – WindowsTechs.com

read etc/passwd using XSS

Posted on July 28, 2021 by user1998844

by trying the XSS room on THM, I try was trying to read the /etc/passwd using the following cmd:
<iframe src="/etc/passwd"></iframe>

However what I got is an error code as shown below

But I was be able to read from … Continue reading read etc/passwd using XSS→

How (and Why) Hacker Forums Self-Moderate

Posted on July 22, 2021 by Victoria Kivilevich

“Everything in moderation,” the saying goes. But it may come as a surprise that this expression even seems to apply to many of the hacker forums littered across the dark web. On the surface, these forums may appear to be a lawless landscape, but there… Continue reading How (and Why) Hacker Forums Self-Moderate→

Does this qualify as Filename Upload DOM-XSS?

Posted on July 19, 2021 by Maicake

An application has the following javascript code which is triggered whenever an user tries to upload a file.
a.html(fileName)

then if the user uploads a file named <img src=x onerror=alert()> the javascript code is executed.
Does th… Continue reading Does this qualify as Filename Upload DOM-XSS?→

How can I submit form (containing text areas and Input fields) python for XSS attack?

Posted on July 16, 2021 by Malik Abdulaziz

I have been learning XSS and which solving google game built for XSS
http://www.xss-game.appspot.com/level2/frame
I was successful to find the solution of this level which is to wrap script in image tag but I am unable to find the vulnerab… Continue reading How can I submit form (containing text areas and Input fields) python for XSS attack?→

NodeJS, unrestricted file upload, RCE [closed]

Posted on July 9, 2021 by momola

I’m testing on application which runs on NodeJS, and discovered unrestriced file upload vulnerability, path traversal is not possible.
Uploaded file is visitable, I can upload .html to perform XSS attack, however I want something more. I’m… Continue reading NodeJS, unrestricted file upload, RCE [closed]→

Ruby on Rails, unrestricted file upload, RCE

Posted on July 8, 2021 by momola

I’m doing testing on Ruby on Rails application, not familiar with it at all.
During my testing I have discovered unrestricted file upload (without possibiltiy to manipulate path).
I have tested uploading many extensions to gain Remote Code… Continue reading Ruby on Rails, unrestricted file upload, RCE→

Prevent URL encoding on form submit

Posted on July 6, 2021 by scaum

During an engagement, I found a potential XSS vulnerability on a page. There is an HTML form that is submitted to this page (POST method) and sent parameters are reflected (without encoding) in the response.
If I use a proxy tool (e.g. Bur… Continue reading Prevent URL encoding on form submit→

is XSS in Content-Disposition possible?

Posted on July 2, 2021 by P3NT3ST_5TR4W

There is a web application that can upload HTML files and also download the uploaded file.
When I upload an HTML file containing the script tag and download it, the response is as follows.
HTTP/1.1 200
Date: Fri, 02 Jul 2021 01:11:11 GMT
C… Continue reading is XSS in Content-Disposition possible?→

Cisco security devices targeted with CVE-2020-3580 PoC exploit

Posted on June 29, 2021 by Zeljka Zorz

Attackers and bug hunters are leveraging an exploit for CVE-2020-3580 to compromise vulnerable security devices running Cisco ASA or FTD software. Active attacks apparently started after Positive Technologies researchers shared proof-of-concept (PoC) e… Continue reading Cisco security devices targeted with CVE-2020-3580 PoC exploit→

Can anyone say what is – in -alert(1)- payload? [closed]

Posted on June 27, 2021 by arj

I don’t understand what – is in a XSS payload, as in -alert(1)-.
Is it one-line command execution?

Continue reading Can anyone say what is – in -alert(1)- payload? [closed]→