Blind XSS tips 1. There was No sign-up page. Only sign_in. 2. Changed sign_in to sign_up 3. sign_up page appeared 4. Put bxss payload. 5. Payload executed in the admin panel of the same domain. 6. Got cookie 7. Used cookie to login to admin panel. #bugbounty #bugbountytip
If there is a login page and no registration page. Try to change login to register. You may find a registration page if you are lucky. login => register or registration signin => signup sign_in => sign_up
Where you injected specifically? Or in all input fields on that form?
United States Tendencias
- 1. Notre Dame 26K posts
- 2. Notre Dame 26K posts
- 3. #WWENXT 3,158 posts
- 4. Bama 17.4K posts
- 5. Paul Dano 2,883 posts
- 6. Penn State 20.3K posts
- 7. #CFPRankings N/A
- 8. Tarantino 9,829 posts
- 9. #TADCFriend 2,135 posts
- 10. #twitchrecap 14.2K posts
- 11. Thomas Haugh N/A
- 12. Stirtz N/A
- 13. Zion 10.6K posts
- 14. Bernie 24.2K posts
- 15. Minneapolis 59.4K posts
- 16. Somali 172K posts
- 17. Pat Kraft 2,389 posts
- 18. Kelani N/A
- 19. Cody Ponce 2,725 posts
- 20. Nate Kingz N/A
Loading...
Something went wrong.
Something went wrong.