Posts

Showing posts from May, 2018

How to reduce risk of XSS while allowing html tags

By YEHG -
1. Allow a limited set of HTML tags:   'a'   'em'   'strong'   'cite'   'code'   'ul'   'ol'   'li'   'dl'   'dt'   'dd' Refer to the way that Drupal does -  https://api.drupal.org/api/drupal/modules%21filter%21filter.module/function/filter_xss/6.x 2. Remove all script event handlers (onload/onerror/on[a-z]{1,10}=) and src based payload (src=javascript:alert()when storing product information. on[a-z]{1,10}= javascript: data:
Post a Comment
Read more

[Hone Your Ninja Skill] Think Beyond - Tweets Display

By YGN Ethical Hacker Group -
http://honeyourskills.ninja/target/web/beyond/?url=display-tweets.php With this complex world where applications are massively interconnected and cohesively making the best use of one another's data, attack can happen from every angle if you don't think beyond. 
Post a Comment
Read more

[Hone Your Ninja Skill] Think Beyond - Dig online

By YGN Ethical Hacker Group -
With this complex world where applications are massively interconnected and cohesively making the best use of one another's data, attack can happen from every angle if you don't think beyond. https://honeyourskills.ninja/target/web/beyond/?url=dig-online.php
Post a Comment
Read more

[Hone Your Ninja Skill] Whitelist filter bypass ("URL")

By YGN Ethical Hacker Group -
http://honeyourskills.ninja/target/web/data_restriction/?url=whitelist-filter-bypass-url.php In input validation, whitelisting approach is said to be better than blacklisting one.  Yet non-robust implementation in whitelisting  could also allow attacker to bypass your defense.
Post a Comment
Read more

[Hone Your Ninja Skill] Simple Tactical XSS Filter Bypass

By YGN Ethical Hacker Group -
Mission: Achieve script execution when submitting form. Hint: It is simple. Just a matter of tactics, techniques, and procedures. http://honeyourskills.ninja/target/web/xss/simple-tactical-xss-filter-bypass.php
Post a Comment
Read more

[Hone Your Ninja Skill] Blacklist filter bypass on < > and =

By YGN Ethical Hacker Group -
http://honeyourskills.ninja/target/web/xss/
Post a Comment
Read more

[Hone Your Ninja Skill] Blacklist filter bypass on > < ( ) and =

By YGN Ethical Hacker Group -
Mission: Achieve arbitrary script execution when clicking above link. http://honeyourskills.ninja/target/web/xss/blacklist-filter-bypass-bracket-equal.php?callback=printToPage
Post a Comment
Read more

[Hone Your Ninja Skill] Blacklist filter bypass on Blacklist filter bypass on > < ( and )

By YGN Ethical Hacker Group -
Mission: Bypass "( )" character restriction and achieve script execution.  http://honeyourskills.ninja/target/web/xss/blacklist-filter-bypass-bracket.php?callback=printToPage
Post a Comment
Read more

[Hone Your Ninja Skill] Blacklist filter bypass ("domain name")

By YGN Ethical Hacker Group -
Mission: Try submitting an equivalence of blacklisted "yehg.net" word in the form below for fun:  http://honeyourskills.ninja/target/web/blacklist-filter-bypass-domain.php
Post a Comment
Read more

Does your app properly destroy session?

By YGN Ethical Hacker Group -
Image
Post a Comment
Read more

Bypassing referrer check with no script involved

By YGN Ethical Hacker Group -
No more to use scripting approach like https://github.com/knu/noreferrer This useful meta tag helps for CSRF POC preparation when you come across an application that checks referrer header: <meta name="referrer" content="no-referrer"> https://caniuse.com/#feat=referrer-policy
Post a Comment
Read more

When your XSS finding is NOT impressed

By YGN Ethical Hacker Group -
If your XSS finding is not convinced by your clients/stakeholders, demonstrate the impact with BeEF or simple executable download payload could help: Exe Download POC: https://lnkd.in/fWF_nEK BeEF: http://beefproject.com/
Post a Comment
Read more