1 file changed +25 -0 lines changed
1+ Hi Guys,
2+
3+ Though it is not severe bug.But still some organizations take this seriously.
4+
5+ Steps :
6+
7+ 1.Browse through your target.
8+ say https://target.com
9+ 2.Find a article or blog present on target website which must have a link to share that blog on different social networks such as
10+ Facebook,Twitter etc.
11+ 3.Let's say we got and article with url:
12+ https://taget.com/how-to-hunt
13+ then just appened it with payload ?&u=https://attacker.com/vaya&text=another_site:https://attacker.com/vaya
14+ so our url will become
15+ https://taget.com/how-to-hunt?&u=https://attacker.com/vaya&text=another_site:https://attacker.com/vaya
16+ 4.Now hit enter with the abover url and just click on share with social media.
17+ Just observe the content if it is including our payload i.e. https://attacker.com
18+ Then it is vulnerable or else try next target.
19+
20+ References:
21+ https://hackerone.com/reports/105953
22+ Google
23+
24+ You can finde me here
25+ https://twitter.com/KenAdams000
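Review bot: The example host is inconsistent: step 1 (line 8) uses https://target.com, but lines 12 and 15 use https://taget.com, so the URL being built no longer matches the site named at the start; use one spelling throughout. On line 13 the appended string starts with `?&u=`, which leaves an empty first parameter after the `?`; if that is not deliberate, write it as `?u=...&text=...`, and if it is, add a sentence saying why. Step 4 (lines 16 to 18) says to "observe the content" without saying where to look; state explicitly that the check is whether the share dialog's prefilled link or text is taken from the `u` and `text` values in the page URL rather than from the article's own address. The file also never states the impact or the fix, and "Google" on line 22 is not a usable reference; one sentence noting that the site should build share links from its own canonical article URL instead of from request parameters would make this actionable for whoever receives the report.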