Blind XSS tips 1. There was No sign-up page. Only sign_in. 2. Changed sign_in to sign_up 3. sign_up page appeared 4. Put bxss payload. 5. Payload executed in the admin panel of the same domain. 6. Got cookie 7. Used cookie to login to admin panel. #bugbounty #bugbountytip
If there is a login page and no registration page. Try to change login to register. You may find a registration page if you are lucky. login => register or registration signin => signup sign_in => sign_up
Where you injected specifically? Or in all input fields on that form?
United States Tendenze
- 1. Cowboys 73.5K posts
- 2. #heatedrivalry 24.3K posts
- 3. Gibbs 20.2K posts
- 4. LeBron 105K posts
- 5. Lions 91.2K posts
- 6. Pickens 14.5K posts
- 7. scott hunter 4,991 posts
- 8. fnaf 2 25.9K posts
- 9. Brandon Aubrey 7,343 posts
- 10. #OnePride 10.5K posts
- 11. Paramount 19.9K posts
- 12. Shang Tsung 28.5K posts
- 13. Warner Bros 20.4K posts
- 14. Ferguson 10.9K posts
- 15. Eberflus 2,664 posts
- 16. CeeDee 10.6K posts
- 17. #PowerForce N/A
- 18. Goff 8,714 posts
- 19. #criticalrolespoilers 2,010 posts
- 20. Bland 8,608 posts
Loading...
Something went wrong.
Something went wrong.