Hi,
Today I will show you how I found an HTML injection on the main domain of a program.
Program name : * redacted.com (Cannot disclose)
So let’s start
I was trying to find an account takeover on redacted.com. For this I tried brute forcing and trying to understand the patterns, but found nothing. Now it was time to check the reset password functionality, so I logged out from the target and got a pop-up saying “You are now logged out”.
I noticed the URL, and its structure was like this:
https://redacted.com/?fm=You+are+now+logged+out&ft=notice
I noticed that the text from the fm param was reflected in the pop-up.
After this I tried changing the text in the fm param and it was reflected, but this is considered P5 informational, so I thought about increasing the impact.
I tried XSS payloads, and while trying this I noticed the next param, ft, which has a value of notice. I tried with it as well but nothing happened. Then by mistake I entered alert as the value (ft=alert) and noticed that the color of the alert box had changed to red. Then I tried changing it to prompt, as in the JS functions, and again it changed, to dark blue.
Then I was happy, but there was still no impact, so I tried HTML injection. Not everything worked, but after some modification of the URL the <a> tag worked in it. Now the URL looked like this:
https://redacted.com/?fm=You+are+now+logged+out+%3Ca%20href=%22https://google.com%22%3Egoogle%3C/a%3E&ft=notice
I was able to get a pop-up with my HTMLi, and it had a link to Google; when I clicked on it, it redirected me to Google. Now I was able to increase the impact to HTMLi. After more tries I was not able to achieve XSS, but I reported it to the program. The program closed it as a duplicate, as it was already known to the team.
Thank you !!
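For defenders, the reflection described above is shown here next to a hardened version. This is an added example, not part of the original write-up and not the program's code. The function names, the markup and the allowlist of ft values are assumptions based only on the values mentioned in the post.

```javascript
// Added example. renderFlashUnsafe, renderFlashSafe and ALLOWED_TYPES are
// hypothetical names; the real application's rendering code is not known.

// Assumption: the only styles the pop-up supports are the ft values seen in the post.
const ALLOWED_TYPES = new Set(["notice", "alert", "prompt"]);

// Encode the characters that let text break out into markup or attributes.
function escapeHtml(text) {
  const map = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };
  return String(text).replace(/[&<>"']/g, (ch) => map[ch]);
}

// Vulnerable pattern: both query parameters are concatenated into markup as-is,
// so any tag placed in fm becomes part of the page.
function renderFlashUnsafe(url) {
  const q = new URL(url).searchParams;
  return `<div class="flash ${q.get("ft")}">${q.get("fm")}</div>`;
}

// Hardened pattern: ft must match the allowlist (otherwise fall back to "notice"),
// fm is length-capped and HTML-escaped before it reaches the page.
function renderFlashSafe(url) {
  const q = new URL(url).searchParams;
  const requested = q.get("ft");
  const type = ALLOWED_TYPES.has(requested) ? requested : "notice";
  const message = (q.get("fm") || "").slice(0, 200);
  return `<div class="flash ${type}">${escapeHtml(message)}</div>`;
}

// The URL from the write-up, used as sample input.
const sampleUrl =
  "https://redacted.com/?fm=You+are+now+logged+out+%3Ca%20href=%22https://google.com%22%3Egoogle%3C/a%3E&ft=notice";

console.log(renderFlashUnsafe(sampleUrl)); // the <a> tag is live markup
console.log(renderFlashSafe(sampleUrl));   // the <a> tag is shown as plain text
```

A stricter design keeps the message text out of the URL entirely and passes only a message key that the server maps to fixed strings.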