Blind XSS tips 1. There was No sign-up page. Only sign_in. 2. Changed sign_in to sign_up 3. sign_up page appeared 4. Put bxss payload. 5. Payload executed in the admin panel of the same domain. 6. Got cookie 7. Used cookie to login to admin panel. #bugbounty #bugbountytip
If there is a login page and no registration page. Try to change login to register. You may find a registration page if you are lucky. login => register or registration signin => signup sign_in => sign_up
getting into js files of the login page can help to find the registration page many times
United States Trendler
- 1. Lakers 49.8K posts
- 2. Dillon Brooks 6,928 posts
- 3. Bron 24.7K posts
- 4. Giants 85.5K posts
- 5. #WWERaw 70.9K posts
- 6. Dart 36.1K posts
- 7. Patriots 131K posts
- 8. Suns 19K posts
- 9. Drake Maye 24.3K posts
- 10. Collin Gillespie 2,030 posts
- 11. #AvatarFireAndAsh 2,959 posts
- 12. Ryan Nembhard 4,170 posts
- 13. Diaz 33.9K posts
- 14. Kanata 9,160 posts
- 15. STEAK 10.5K posts
- 16. Devin Williams 7,725 posts
- 17. Gunther 15.2K posts
- 18. Pats 16.2K posts
- 19. James Cameron 4,548 posts
- 20. Devin Booker 2,625 posts
Loading...
Something went wrong.
Something went wrong.