Vipin Panchal (@dirtycoder0124) Piclur’ta: Blind XSS tips1. There was No sign-up page. Only sign_in.2. Changed sign_in to sign_up3. sign_up page appeared4. Put bxss payload.5. Payload executed in the admin panel of the same domain.6. Got cookie7. Used cookie to login to admin panel.#bugbounty #bugbountytip / Piclur

Vipin Panchal

@dirtycoder0124

23 Eki 2024

Blind XSS tips 1. There was No sign-up page. Only sign_in. 2. Changed sign_in to sign_up 3. sign_up page appeared 4. Put bxss payload. 5. Payload executed in the admin panel of the same domain. 6. Got cookie 7. Used cookie to login to admin panel. #bugbounty #bugbountytip

Vipin Panchal

@dirtycoder0124

23 Eki 2024

If there is a login page and no registration page. Try to change login to register. You may find a registration page if you are lucky. login => register or registration signin => signup sign_in => sign_up

Samir Gadgil

23 Eki 2024

Which service/tool do you use for bxss? Or host your own?

Vipin Panchal

@dirtycoder0124

23 Eki 2024

My own blindf.com

RaHul Raut

23 Eki 2024

Where to put bxx payload on signup page

Vipin Panchal

@dirtycoder0124

23 Eki 2024

every possible textfield

🔍mrro0o0tt

23 Eki 2024

Where you injected specifically? Or in all input fields on that form?

Bug Bounty Roaster

23 Eki 2024

great

Vikas Anand

23 Eki 2024

Wbich bxss payload? Did you encoded the payload or not?

United States Trendler

1. #socideveloper_com N/A
2. #lip_bomb_RESCENE N/A
3. #River 3,914 posts
4. ARMY Protect The 8thDaesang 22.4K posts
5. #DaesangForJin 28.9K posts
6. #heatedrivalry 18.4K posts
7. Ravens 59.2K posts
8. ilya 18.2K posts
9. Lamar 46.7K posts
10. Shane 22K posts
11. Black Friday 269K posts
12. Bengals 52.8K posts
13. Joe Burrow 21.4K posts
14. BNB Chain 8,007 posts
15. Connor 15.2K posts
16. Zay Flowers 4,255 posts
17. Hudson 11.9K posts
18. Sarah Beckstrom 230K posts
19. Third World Countries 30.5K posts
20. scott hunter N/A

Something went wrong.

Something went wrong.