Blind XSS tips 1. There was No sign-up page. Only sign_in. 2. Changed sign_in to sign_up 3. sign_up page appeared 4. Put bxss payload. 5. Payload executed in the admin panel of the same domain. 6. Got cookie 7. Used cookie to login to admin panel. #bugbounty #bugbountytip
If there is a login page and no registration page. Try to change login to register. You may find a registration page if you are lucky. login => register or registration signin => signup sign_in => sign_up
getting into js files of the login page can help to find the registration page many times
United States Tendências
- 1. Pat Spencer 2,470 posts
- 2. Kerr 5,293 posts
- 3. Podz 3,141 posts
- 4. Jimmy Butler 2,549 posts
- 5. Shai 14.5K posts
- 6. Seth Curry 4,245 posts
- 7. Hield 1,549 posts
- 8. Mark Pope 1,884 posts
- 9. #DubNation 1,403 posts
- 10. Carter Hart 3,881 posts
- 11. Derek Dixon 1,242 posts
- 12. Connor Bedard 2,278 posts
- 13. Brunson 7,303 posts
- 14. #ThunderUp N/A
- 15. Kuminga 1,373 posts
- 16. Caleb Wilson 1,142 posts
- 17. Notre Dame 38.8K posts
- 18. Braylon Mullins N/A
- 19. #SeanCombsTheReckoning 4,268 posts
- 20. Jaylen Brown 9,525 posts
Loading...
Something went wrong.
Something went wrong.