Blind XSS tips 1. There was No sign-up page. Only sign_in. 2. Changed sign_in to sign_up 3. sign_up page appeared 4. Put bxss payload. 5. Payload executed in the admin panel of the same domain. 6. Got cookie 7. Used cookie to login to admin panel. #bugbounty #bugbountytip
If there is a login page and no registration page. Try to change login to register. You may find a registration page if you are lucky. login => register or registration signin => signup sign_in => sign_up
getting into js files of the login page can help to find the registration page many times
United States Trends
- 1. #WWERaw 46.5K posts
- 2. Giants 62.5K posts
- 3. Giants 62.5K posts
- 4. Patriots 91.3K posts
- 5. Drake Maye 15.6K posts
- 6. Dart 26.4K posts
- 7. Diaz 31.9K posts
- 8. Gunther 10.3K posts
- 9. Younghoe Koo 3,405 posts
- 10. Devin Williams 4,766 posts
- 11. Abdul Carter 7,202 posts
- 12. Marcus Jones 5,337 posts
- 13. Kyle Williams 3,675 posts
- 14. Theo Johnson 1,795 posts
- 15. Joe Schoen 1,574 posts
- 16. #NYGvsNE 1,608 posts
- 17. #RawOnNetflix 1,526 posts
- 18. #MondayNightFootball 1,161 posts
- 19. Kafka 6,472 posts
- 20. Bron Breakker 5,917 posts
Loading...
Something went wrong.
Something went wrong.