ただのサラリーマン🍨
@KPlus33
Followers
617
Following
15K
Media
103
Statuses
1K
少しずつHackTheBoxを攻略しています。難しいと感じたのでTryHackMeに勉強の場所を移しました。
Joined September 2019
I completed the Web Security Academy lab:.Exploiting cross-site scripting to steal cookies. csrfとxssの組み合わせ。楽しかった。. @WebSecAcademy.
portswigger.net
This lab contains a stored XSS vulnerability in the blog comments function. A simulated victim user views all comments after they are posted. To solve the ...
0
0
5
I completed the Web Security Academy lab:.Reflected XSS into a template literal with angle brackets, single, double quotes, backslash and backticks Unicode-escaped. ECMAScript 2015より定義されたテンプレートリテラル${alert()}. @WebSecAcademy.
portswigger.net
This lab contains a reflected cross-site scripting vulnerability in the search blog functionality. The reflection occurs inside a template string with angle ...
0
0
2
I completed the Web Security Academy lab:.Stored XSS into onclick event with angle brackets and double quotes HTML-encoded and single quotes and backslash escaped. @WebSecAcademy.
portswigger.net
This lab contains a stored cross-site scripting vulnerability in the comment functionality. To solve this lab, submit a comment that calls the alert ...
0
0
6
I completed the Web Security Academy lab:.Reflected XSS into a JavaScript string with angle brackets and double quotes HTML-encoded and single quotes escaped. @WebSecAcademy.
portswigger.net
This lab contains a reflected cross-site scripting vulnerability in the search query tracking functionality where angle brackets and double are HTML encoded ...
0
0
6
I completed the Web Security Academy lab:.Reflected XSS into a JavaScript string with angle brackets HTML encoded. @WebSecAcademy.
portswigger.net
This lab contains a reflected cross-site scripting vulnerability in the search query tracking functionality where angle brackets are encoded. The reflection ...
0
0
5
I completed the Web Security Academy lab:.Reflected XSS into a JavaScript string with single quote and backslash escaped. </script>タグで閉じてHTMLタグを書ける. @WebSecAcademy.
portswigger.net
This lab contains a reflected cross-site scripting vulnerability in the search query tracking functionality. The reflection occurs inside a JavaScript ...
0
0
4
I completed the Web Security Academy lab:.Reflected XSS in canonical link tag. canonicalのhrefの作られ方を確認して流し込む. @WebSecAcademy.
portswigger.net
This lab reflects user input in a canonical link tag and escapes angle brackets. To solve the lab, perform a cross-site scripting attack on the home page ...
1
0
1
I completed the Web Security Academy lab:.Reflected XSS with some SVG markup allowed. @WebSecAcademy.
portswigger.net
This lab has a simple reflected XSS vulnerability. The site is blocking common tags but misses some SVG tags and events. To solve the lab, perform a ...
0
0
9
I completed the Web Security Academy lab:.Stored XSS into anchor href attribute with double quotes HTML-encoded. @WebSecAcademy.
portswigger.net
This lab contains a stored cross-site scripting vulnerability in the comment functionality. To solve this lab, submit a comment that calls the alert ...
0
0
5
I completed the Web Security Academy lab:.Reflected XSS into attribute with angle brackets HTML-encoded. @WebSecAcademy.
portswigger.net
This lab contains a reflected cross-site scripting vulnerability in the search blog functionality where angle brackets are HTML-encoded. To solve this lab, ...
0
0
6
I completed the Web Security Academy lab:.Reflected XSS into HTML context with all tags blocked except custom ones. <script>window.location=<xss id=a onfocus=alert() tabindex=1</script>. @WebSecAcademy.
portswigger.net
This lab blocks all HTML tags except custom ones. To solve the lab, perform a cross-site scripting attack that injects a custom tag and automatically alerts ...
0
0
4
RT @taichikawazoe: 野溝のみぞうさん@nomizoooneの著書「7日間でハッキングをはじめる本」読んでから.1年経たずにバグバウンティプログラムて脆弱性を発見し、….
0
17
0
I completed the Web Security Academy lab:.Reflected XSS into HTML context with most tags and attributes blocked. <iframe src="XXX?search=<body onresize=1>" onload="width='200px'"></iframe>. @WebSecAcademy.
portswigger.net
This lab contains a reflected XSS vulnerability in the search functionality but uses a web application firewall (WAF) to protect against common XSS vectors. ...
0
1
4
I completed the Web Security Academy lab:.Stored DOM XSS. @WebSecAcademy.
portswigger.net
This lab demonstrates a stored DOM vulnerability in the blog comment functionality. To solve this lab, exploit this vulnerability to call the alert() ...
0
0
5
I completed the Web Security Academy lab:.Reflected DOM XSS. @WebSecAcademy.
portswigger.net
This lab demonstrates a reflected DOM vulnerability. Reflected DOM vulnerabilities occur when the server-side application processes data from a request and ...
0
0
6
I completed the Web Security Academy lab:.DOM XSS in AngularJS expression with angle brackets and double quotes HTML-encoded. @WebSecAcademy.
portswigger.net
This lab contains a DOM-based cross-site scripting vulnerability in a AngularJS expression within the search functionality. AngularJS is a popular ...
0
0
6
◆ ちいかわ くら寿司コラボ 5個セット◆(¥2,180)がフリマアプリ ラクマで販売中♪ #rakuma #ラクマ
item.fril.jp
ご覧頂きありがとうございます♪◆ちいかわ くら寿司コラボ ネイルパーツ 5個セット◆*コーティングあり*背面カーブあり*即購入可*一つ一つ丁寧に作成しておりますが、手作りのため気泡・ホコリなど入ることがございます 気になる方はご購入をお控え下さい*バラ売りご希望の方はコメントにてご連絡下さい*サイズは2枚目のお写真にてご確認下さい (小さめサイズなので、ショート爪や小指にも⭐︎)気になる点な...
0
0
1
「◆ サンリオ アイスクリーム 5個セッ… (¥2,180)」を.#ヤフーフリマ で販売中!.【6/30まで】アプリをまだ持ってなかったら、紹介コード「NHQJEM」入力で、500円相当もらえるよ!※条件・上限あり.アプリのインストールはこちらから⬇.
app.adjust.com
0
0
0