Apr 27, 2024, 08:38 PM
https://sensepost.com/blog/2023/dress-co.../#jsdelivr
We can bypass it
We can bypass it
|
HTB- Intuition
by trevor69000 - Saturday April 27, 2024 at 06:46 PM
|
|
Apr 27, 2024, 09:25 PM
Access to dashboard with stolen cookie from webdev adam.
Can't crack his hash, and don't see anything exploitable in the /report /delete /resolve /backup or /change_priority endpoints yet. Anyone have anything?
Apr 27, 2024, 09:30 PM
Apr 27, 2024, 09:31 PM
What method to obtain cookie?
Apr 27, 2024, 09:32 PM
(Apr 27, 2024, 09:30 PM)ox9Days Wrote:(Apr 27, 2024, 09:25 PM)xxxbfacc Wrote: Access to dashboard with stolen cookie from webdev adam. Probably via a xss bypassing jsdelivr in report
Apr 27, 2024, 09:38 PM
cookie from report_bugs via img tag xss
Apr 27, 2024, 09:41 PM
Apr 27, 2024, 09:44 PM
did you do a http server type payload?
Apr 27, 2024, 10:02 PM
what after xss .........................................
This forum account is currently banned. Ban Length: Permanent (N/A Remaining)
Ban Reason: Asking for rep is not allowed
Apr 27, 2024, 10:18 PM
I'm also very curious what the approach is with the XSS here. I feel like I've tried every XSS payload under the sun at this point.
|
|
« Next Oldest | Next Newest »
|
| Possibly Related Threads… | |||||
| Thread | Author | Replies | Views | Last Post | |
| [FREE] HackTheBox Dante - complete writeup written by Tamarisk | 602 | 92,008 |
Yesterday, 06:48 PM Last Post: sabero_exe |
||
| [FREE] CPTS 12 FLAGS | 68 | 1,995 |
Yesterday, 09:54 AM Last Post: VictorPipeau |
||
| [FREE] 300+ Writeups PDF HackTheBox/HTB premium retired | 371 | 93,051 |
Yesterday, 08:48 AM Last Post: phannguyenbaouy1 |
||
| [FREE] HackTheBox Academy - CBBH CDSA CPTS All Modules Flags | 21 | 2,641 |
Yesterday, 05:08 AM Last Post: popoler |
||
| Hack the box Pro Labs, VIP, VIP+ 1 month free Method | 23 | 2,289 |
Apr 30, 2026, 02:10 PM Last Post: kkkato |
||