Apr 27, 2024, 08:38 PM
https://sensepost.com/blog/2023/dress-co.../#jsdelivr
We can bypass it
We can bypass it
|
HTB- Intuition
by trevor69000 - Saturday April 27, 2024 at 06:46 PM
|
|
Apr 27, 2024, 09:25 PM
Access to dashboard with stolen cookie from webdev adam.
Can't crack his hash, and don't see anything exploitable in the /report /delete /resolve /backup or /change_priority endpoints yet. Anyone have anything?
Apr 27, 2024, 09:30 PM
Apr 27, 2024, 09:31 PM
What method to obtain cookie?
Apr 27, 2024, 09:32 PM
(Apr 27, 2024, 09:30 PM)ox9Days Wrote:(Apr 27, 2024, 09:25 PM)xxxbfacc Wrote: Access to dashboard with stolen cookie from webdev adam. Probably via a xss bypassing jsdelivr in report
Apr 27, 2024, 09:38 PM
cookie from report_bugs via img tag xss
Apr 27, 2024, 09:41 PM
Apr 27, 2024, 09:44 PM
did you do a http server type payload?
Apr 27, 2024, 10:02 PM
what after xss .........................................
This forum account is currently banned. Ban Length: Permanent (N/A Remaining)
Ban Reason: Asking for rep is not allowed
Apr 27, 2024, 10:18 PM
I'm also very curious what the approach is with the XSS here. I feel like I've tried every XSS payload under the sun at this point.
|
|
« Next Oldest | Next Newest »
|
| Possibly Related Threads… | |||||
| Thread | Author | Replies | Views | Last Post | |
| [FREE] HackTheBox Academy - CBBH CDSA CPTS All Modules Flags | 23 | 2,695 |
Less than 1 minute ago Last Post: 0xnany |
||
| [FREE] 300+ Writeups PDF HackTheBox/HTB premium retired | 374 | 93,246 |
5 minutes ago Last Post: 0xnany |
||
|
[FREE] HackTheBox All Cheatsheets | 8 | 529 |
2 hours ago Last Post: mrmanual |
|
| [FREE] CPTS 12 FLAGS | 70 | 2,123 |
3 hours ago Last Post: neurodot |
||
| [FREE] HackTheBox Dante - complete writeup written by Tamarisk | 602 | 92,216 |
May 01, 2026, 06:48 PM Last Post: sabero_exe |
||