Hi there, Hope you all are doing great and healthy. Recently i was hacking on a private program and found an reflected xss there. So let us begin.
Let’s talk about the basic question i.e what is XSS?
Now you know the meaning behind xss so let’s quickly jump into the vulnerability.
The first thing which i do while approaching a target is collecting all of the subdomains. After that i look for valid http response code like 2XX,3XX,4XX,5XX etc and then manually visit them one by one. I have created a python script which does all the task and makes my life easy.
After that i have found a subdomain let’s say x.hack.com which have search option enabled. Seeing this, i quickly tried <script>alert(1)</script> but failed.
Then i started digging and tried to find where my payload was reflecting. I found that the payload was reflecting in the escape function inside the script tag.
Knowing this, I tried the following payload:
And guess what..It worked!!!
I quickly sent a report to the company but unfortunately it was duplicate.Still, I was overjoyed because this was my second xss report to a company.
1- Stay Motivated.
2- Gather every bit of information about the target.
3- Always check where the payload is reflecting.
4- Follow the road less traveled 😉
Thanks for reading. Please forgive me if my English was not good enough. See you all soon!
Till then, Please stay at home and be safe. 🙂
If anyone who is interested in hacking windows with just python then they can enroll the course below!