HTML INJECTION- My Second Major Bounty


Josekutty Kunnelthazhe Binu

I was testing the registration services of the target website. In the name section I tried my basic HTML payload: <h1>Hacked</h1><br><br> in firstname and lastname, and when I received the email my payload was triggered and the word hacked was highlighted in the h1 tag.

I knew there was an HTML injection vulnerability on the target website at that moment. Now the next part was to increase the impact, and for that I came up with a payload: <a href="https://evil.com">Click here for a bonus!</a>. After injecting the payload in the firstname section I got an email with a clickable link saying click here for bonus.

When I clicked I was taken to evil.com. I was able to redirect users to malicious websites through this payload. I also mentioned some other impact points like content spoofing, defaming the company, etc. It was a self-hosted program and I emailed them the full report from my side and I got the reply…
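On the defending side, the behaviour described above is what happens when registration name fields are interpolated into an HTML email body without output encoding. The following is an added example, not code from the original post or the target site: a Python sketch (the template, function names and recipient address are assumptions) that shows the unescaped rendering next to an escaped one.

```python
import html
from email.message import EmailMessage

# Hypothetical welcome-mail template; the target's real template is not on the page.
TEMPLATE = "<p>Hi {first} {last}, welcome aboard!</p>"


def render_unsafe(first: str, last: str) -> str:
    """The 'before' state: name fields are pasted into the HTML body as-is."""
    return TEMPLATE.format(first=first, last=last)


def render_safe(first: str, last: str) -> str:
    """Escape every user-supplied field at the point of output."""
    return TEMPLATE.format(
        first=html.escape(first, quote=True),
        last=html.escape(last, quote=True),
    )


def build_welcome_mail(to_addr: str, first: str, last: str) -> EmailMessage:
    """Build a multipart mail whose text and HTML parts both treat names as data."""
    msg = EmailMessage()
    msg["To"] = to_addr
    msg["Subject"] = "Welcome"
    msg.set_content(f"Hi {first} {last}, welcome aboard!")  # text/plain part
    msg.add_alternative(render_safe(first, last), subtype="html")
    return msg


def html_part(msg: EmailMessage) -> str:
    """Return the decoded text/html body of the message."""
    return msg.get_body(preferencelist=("html",)).get_content()


if __name__ == "__main__":
    # Constructed inputs: the two payloads quoted in the write-up.
    heading = "<h1>Hacked</h1><br><br>"
    link = '<a href="https://evil.com">Click here for a bonus!</a>'
    print(render_unsafe(link, "Doe"))  # anchor tag reaches the mail client intact
    print(html_part(build_welcome_mail("user@example.com", link, heading)))
```

With escaping applied, the mail client displays the submitted markup as literal text instead of rendering a heading or a clickable link.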
