XSS Tricky Exploitation
Hello Hunters !
Greetings everyone! Today This is my first write-up about one of my best findings My first Bug Duplicate to p4 . It’s an XSS Which actually Tricky XSS.
Its all about private program which i can’t disclose name. As i am new learner before 2 month ago when i was testing on Site www.xyz.com i found XSSwhich can easily steal users cookie, Don’t worry i will explain everything.
I already sent 7 report security issue on www.xyz.com we will discuss about it in my next writeup! ]
How To Reproduce Attack:
- I visit www.xyz.com Now, i create a new account after everything setup i got confirmation mail regarding account setup.
- Now,I simply open confirmation mail now it redirect me to www.xyz.com/account/paywall/?redirect=%2Fsignup%2Fnew-user%2Fwelcome%2F%3Fskip_pw%3D1&is_signup=1
As Above i tried Open redirection
BOOM! It’s work now, problem is Redirection out of scope ! LoL
Now, I simply turn for finding XSSi simply used ‘“><img src=x onerror=alert(document.cookie);>
Now we have setup payload now i simply click “complete” button
BOOM! i got XSS , Now what i do i simply send this crafted link to my another id and when user click complete XSS execute Now, I can steal user cookies of www.xyz.com.
After 21 Days what i got i actually mentioned above it was duplicate And i Rewarded $xxx
By - PJBorah
Thank You For Reading ………….(Keep Hunting Keep Learning )