Blind XSS tips 1. There was No sign-up page. Only sign_in. 2. Changed sign_in to sign_up 3. sign_up page appeared 4. Put bxss payload. 5. Payload executed in the admin panel of the same domain. 6. Got cookie 7. Used cookie to login to admin panel. #bugbounty #bugbountytip
If there is a login page and no registration page. Try to change login to register. You may find a registration page if you are lucky. login => register or registration signin => signup sign_in => sign_up
Where you injected specifically? Or in all input fields on that form?
United States Trendy
- 1. Good Sunday 54.6K posts
- 2. Stockton 26.7K posts
- 3. Auburn 41.2K posts
- 4. Duke 32.9K posts
- 5. Bama 29.9K posts
- 6. Miami 139K posts
- 7. Ole Miss 38.8K posts
- 8. #NIVEASkinGlowxPerthSanta 371K posts
- 9. #BNewEraBirthdayConcert 932K posts
- 10. #JimmySeaFanconD2 252K posts
- 11. PERTHSANTA LUMINOUS SKIN 320K posts
- 12. #INDvSA 57.9K posts
- 13. BECKY BIRTHDAY CONCERT 879K posts
- 14. Notre Dame 26.1K posts
- 15. Lane Kiffin 48.9K posts
- 16. Ewing 1,353 posts
- 17. Stanford 10.1K posts
- 18. #BBFanFestinMacau 412K posts
- 19. Austin Theory 5,467 posts
- 20. Virginia 48.5K posts
Loading...
Something went wrong.
Something went wrong.