Script Kiddie's notes

"Breadcrumbs from my brain"

_n1_ m1ke_n1

Chain exploitation of XSS

Hello, friend!

Today I would like to tell you about an interesting chain of low-impact vulnerabilities that led me to a fully exploitable XSS. At the end of the article I will also show the HTML page that served as the final exploit. To trigger the reflected XSS, I combined clickjacking, CSRF and a self-DOM-based XSS.

Unusual cases of reflected XSS

Hello, friend!

Today I would like to talk about some XSS-related cases that I encountered during web application security analysis (in a private bug bounty program).

P4 to P2 - The story of one blind SSRF

Hello everyone. This is my second blog post, in which I want to tell how I managed to get a blind local SSRF (P2) instead of an external SSRF (P4). Unfortunately, I can't disclose the vulnerable application, so instead of screenshots I will be using cute kittens or funny gifs.

Why BlackList < WhiteList

Often, when you write the code responsible for file uploads, you check the extension of the uploaded file using either a "whitelist" (only files with certain extensions can be uploaded) or a "blacklist" (any file whose extension is not in the list can be uploaded).