How I Found XSS In Another Govt. Site :: NCIIPC VDP !!

6 months ago 52
BOOK THIS SPACE FOR AD
ARTICLE AD

Professor0xx01

Hello Fellow Hunters !! Hope you all are well !!

Intro: I am p_ra_dee_p whom you all know as Professor0xx01. Today I am gonna to explain you my story about finding XSS Bug in an another govt. website. So, let’s jump into it……..

CVSS score : 5.4 :- CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Let’s say the target is target.gov.in. I have already collected the domains during subdomain enumeration phase. While surfing different websites & seeing wappalyzer, one thing caught my eyes that the site it using rich text editor framework named “CKEditor”. (Which is known to me before)

CKEditor

After seeing that, i remembered that i have already tested this “CKEditor” — web text editor before in another hunting. See about my writeup about it : XSS IN CKEditor — By Professor0xx01.

So, let’s make start a directory enumeration using dirsearch & see if my guesses are right or not ..??

dirsearch -u https://target.com -x 404,403

I got that endpoint but not the text editor accordingly………….!!

Then i moved to my another writeup (XSS IN CKEditor — By Professor0xx01.) & searched the endpoint as follows ,, to check wheather the CKEditor page actually exist or not…!!! And yayyyhhhhh………………… I got that juicy html page ………….!!!!!

The Juicy endpoint :

https://<target>.gov.in/ckeditor/samples/plugins/htmlwriter/outputhtml.html

Now I quickly Inserted my XSS Payload to this page & Got the Alert () !!

Xss<!--{cke_protected} --!><img src=x onerror=alert(`Professor0xx01`)> -->Attack

Steps To Reproduce :

First click on source ….Give the malicious payload …..Then click again on source !!You will got that alert ().

Getting that alert(),, I feel like……………………………………. this 👇👇 !!

Then I made a report about that vulnerability/issue & mailed it to the NCIIPC Team !!

THANKS FOR READING !!

Hope you enjoyed it !! If you like, then clap & follow me for more insightful articles !!

That’s it for this article now !!

Happy Hunting ~~

Keep Growing & Keep Securing ~~

Read Entire Article