How I found DOM XSS via postMessage on bing.com and received a reward by Microsoft Bug Bounty namcoder.com/blog/how-i-fou… #microsoft #bugbounty #bugbountytips
Like, in which position are u trying to trigger it with postMessage('message', '*')? How do u debug it and then exploit it? Like, how do u check if the code is vulnerable? It's a bit hard for me to understand. Like, I found one where there wasn't a dangerous source and any origin and it didn't pop.
Yes. Put the breakpoint inside the listener on the "Sources" tab. Then send the test postMessage({}, '*') on the "Console" tab. You should have some knowledge of JavaScript to debug. When you send the postMessage, it will trigger the breakpoint.
Ah, DM is closed, so I am asking it here. When u are looking for postMessage, u look at those on global listeners and go to the code, find addEventListener("message", and then u look for sources? Like window.open after the code that has message? Like, I didn't understand.
For a quick summary of all listeners in a website, you could use the browser extension github.com/fransr/postMes… Quick look to find: .innerHTML or window.open or other sinks in my slides.
And the methodology: how do u look for postMessage and DOM XSS bugs, in JavaScript files or just global listeners? And which postMessage listeners? Because there were widgets and stuff; some of them were JS files and some were widgets that u exploited.
Then it should be a dangerous source to look for, and then going for the exploit? I didn't understand that part.
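The review step described in the reply above (list the message listeners, then look for .innerHTML or window.open in the handler) can be run over your own site's JavaScript. This is an added example, not part of the thread or of the linked extension; `auditMessageListeners`, `handlerBody` and the sample source are hypothetical names and constructed input, and only inline handlers are covered.

```javascript
// Added example: static review of inline "message" listeners in your own code.
const SINKS = [".innerHTML", "window.open"]; // the two sinks named in the thread

// Return the first balanced {...} block at or after `from`.
// Assumption: braces inside strings or comments are not handled.
function handlerBody(src, from) {
  const start = src.indexOf("{", from);
  if (start === -1) return "";
  let depth = 0;
  for (let i = start; i < src.length; i++) {
    if (src[i] === "{") depth++;
    else if (src[i] === "}" && --depth === 0) return src.slice(start, i + 1);
  }
  return src.slice(start); // unbalanced source: take the rest
}

// For each listener: source line, whether the handler reads .origin, sinks used.
function auditMessageListeners(src) {
  const findings = [];
  const re = /addEventListener\(\s*["']message["']/g;
  let m;
  while ((m = re.exec(src)) !== null) {
    const body = handlerBody(src, m.index);
    findings.push({
      line: src.slice(0, m.index).split("\n").length,
      checksOrigin: /\.origin\b/.test(body),
      sinks: SINKS.filter((s) => body.includes(s)),
    });
  }
  return findings;
}

// Constructed sample input, not taken from any real site.
const SAMPLE = `
window.addEventListener("message", function (e) {
  document.getElementById("out").innerHTML = e.data.html;
});
window.addEventListener('message', (e) => {
  if (e.origin !== "https://app.example") return;
  document.getElementById("out").textContent = e.data.text;
});
`;

const report = auditMessageListeners(SAMPLE);
console.log(report);
```

A handler that reads `.origin` still needs a manual look, since the comparison itself can be too loose; a handler with a sink and no origin check is the one to fix first.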