Blind XSS tips 1. There was No sign-up page. Only sign_in. 2. Changed sign_in to sign_up 3. sign_up page appeared 4. Put bxss payload. 5. Payload executed in the admin panel of the same domain. 6. Got cookie 7. Used cookie to login to admin panel. #bugbounty #bugbountytip
If there is a login page and no registration page. Try to change login to register. You may find a registration page if you are lucky. login => register or registration signin => signup sign_in => sign_up
getting into js files of the login page can help to find the registration page many times
United States トレンド
- 1. #GivingTuesday 26K posts
- 2. #twitchrecap 7,442 posts
- 3. Larry 42.1K posts
- 4. Costco 51.6K posts
- 5. Cabinet 60.9K posts
- 6. So 79% 1,642 posts
- 7. #AppleMusicReplay 9,531 posts
- 8. Jared Curtis 2,861 posts
- 9. #DragRace 6,114 posts
- 10. NextNRG Inc. 3,344 posts
- 11. #Rashmer 29.4K posts
- 12. Sabrina Carpenter 30.9K posts
- 13. Susan Dell 6,655 posts
- 14. Carton 29.5K posts
- 15. Lucario 29.5K posts
- 16. King Von 1,922 posts
- 17. WFAN N/A
- 18. Sleepy Don 1,664 posts
- 19. Punk and AJ 3,739 posts
- 20. Trump Accounts 13.8K posts
Loading...
Something went wrong.
Something went wrong.