Posts

Showing posts from 2019

[Duplicated] Self-XSS & CSRF attack lead to Stored XSS

Hi guys, it's me, Flex. In this post I will share a new vulnerability on a private program, let's call it `example.com`. The vulnerability was a Self-XSS with a CSRF attack, which leads to Stored XSS. The story of the discovery: the target is a shop website. When I tested the function to add a product, I started adding my lovely XSS payload `<svg/onload=alert(0)>` everywhere, and one of these fields worked and gave me a pop-up, because the input was wrong for the field and the website told me that this value is wrong, so it is a Self-XSS. I tried to find Clickjacking to make it exploitable, but there was no way with Clickjacking. After some minutes I tried to find a CSRF attack, so I opened my Burp and caught the change request, and I noticed that there was no CSRF token or any CSRF protection, so I tried to exploit these two bugs together to get the Stored XSS. The body of the edited request was like this: {"basePage":{"draftIds":["victim_id"],"...

Write-Up || Quals: Saudi and Oman CTF 2019 Web Challenges

Welcome guys. I will solve the web challenges from the Quals of Saudi and Oman CTF 2019. I will solve them in the video, but I will talk about the challenges first. The first challenge is Maria; it's a Hard one with 200 points. This challenge is a SQL injection challenge. The first thing you should find is the field in which you will inject your payload. If we try to delete the cookie, we will see the SQL query which adds your IP to the database, so we will inject the IP to get the information from the DB. We need Maria's IP address, so we will dump it, and we will see that in the video. After that, when we add the IP, we should add the cookies, and we will use the cookies from the Set-Cookie header in the response. The second challenge is Back to basics; it's an Easy one with 50 points. If we try to open the challenge link, we will be redirected to Google, so we should open it another way, so I used Burp to catch the request, but I didn't find anything interes...