Skip to main content

Posts

How i found web shell on AntiHack.me and Awarded Gold Coin And SWAG

Hay guys, How i found Web Shell on Anti Hack .me and Awarded Gold Coin And SWAG It's a short Write up While i am recon Anti Hack .me using Virustotal.com i notice a thing in URLs Like bellow image: Virustotal URLs Section Shell Name: Mysql interface v1.0.php URL: https://www.antihack.me/public/kyc/webshell/php/PHPshell/Mysql%20interface%20v1.0/Mysql%20interface%20v1.0.php Then i visit to the URL and it redirect to me 404 Error Page , When the URL redirect me to 404 Error Page i can able to seen that page and then it redirect me to 404 Error Page . So, it's possible to visit URL using intercept the request, Then i intercept the request and i can able to view the shell page then i report to Anti Hack .me They offer me Gold Coin And SWAG. Reward: Thank you
1 comment
Read more
Recent posts

How i found open redirect and rewarded 0$

Hay, Today i am going to show you How i found open redirect and rewarded 0$ LoL 😆😆 Let's start Target:  https://redacted.com I am start finding subdomain using Sublist3r   then i found https://subdomain.redacted.com And i thought that let's find Open Redirect today. Then i just add a payload https://subdomain.redacted.com/http://evil.com like this but it not redirect to http://evil.com 😑 then again i start with like https://subdomain.redacted.com///evil.com nah again i failed 😑 Payload Fail after failed 2nd time i thought , let's try it again and it's the last time if i failed i will give up with this shit. then i come up with https://subdomain.redacted.com/http:/evil.com this and tada! Redirect Success 😌😌 Tada! Open Redirect Success Payload: http:/evil.com Final URL with payload: https://subdomain.redacted.com/http:/evil.com Thanks for reading 😉
2 comments
Read more

How i found Stored xss on your-domain.redacted.com

Hay, Today i am going to show how i found XSS on site your-domain.redacted.com who provide Help Desk & Live Chat Software . Now in the signup page i am trying to create a account with the payload in Full name but it showing error " Invalid name on name " Signup page then i filled it with my name and i finished signup. It redirect me to https://your-domain.redacted.com/agent/index.php#GettingStarted; Without checking other staffs i go to Edit profile  Setting page after signup and here i can able add XSS Payload in Name field also in Alias field ( image bellow ) Setting Page After save this Setting when i back to my Dashboard nothing happen i mean no PopUp Profile after added payload, No XSS   Then i am start looking into source code what actually happening.After scrolling source code suddenly my eyes stuck into a JS code before bypass Oh boy! </script> blocking the <script> here so again i get my ass back into Edit Set
1 comment
Read more

CSV Injection in https://***.monday.com/admin/my-team/my-team

Hay, Few day ago in monday.com while i am finding bug, i seen that they have CSV Export system then i am trying to use payload on my name then i export it but when i download the CSV file it not executing Calculator after that i have noticed that there are also other item like title, phone, skype , location and then i am able to reproduce that these item are affected. # Affected Item  title  Phone Skype  Location # Video Note:  Guys please don't waste your time to find bug on monday.com because they are shit, they don't care about bugs -_- Reference: https://www.owasp.org/index.php/CSV_Injection
1 comment
Read more