🟥Checklist

Bypass & Checklist

Register page

  • username = admin , (check whether the admin user already exists)

  • username = admin'or'1'='1 , (try SQL injection and check whether it returns an error or data)

Authentication Bypass

  • Default / common credentials

  • SQL injection

  • EAR vulnerability

  • PHP type juggling

  • NoSQL injection

  • SQL/NoSQL injection via a JSON POST body

  • JSON for type juggling

Input fields

Whatever the parameter name is, try all of the following:

  • SSRF (try with both a Python HTTP server and an nc listener)

  • SQL injection

  • XSS


Other Vulnerabilities

EAR vulnerability

EAR (execution after redirect): when you visit the homepage "/" and the application redirects you to another page such as "/login" or "/abc....", that redirect is where EAR can occur. If the server keeps executing the handler after issuing the redirect, the protected content is still written into the body of the 302 response.

To bypass authentication: capture the request in Burp, enable intercepting the response, change the 302 Found status to 200 OK, and forward it.
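As an added example (not part of the original checklist), the vulnerable handler pattern beside its fix, plus the response check a defender would run to spot EAR; the `Response` class, handler names and dashboard text are constructed stand-ins, not a real framework's API:

```python
from dataclasses import dataclass, field


# Constructed stand-in for a web framework's response object.
@dataclass
class Response:
    status: int = 200
    headers: dict = field(default_factory=dict)
    body: str = ""


# Constructed sample of a protected page.
SECRET_DASHBOARD = "<h1>Admin dashboard</h1><p>users: alice, bob</p>"


def redirect(resp: Response, location: str) -> None:
    """Set a 302 on the response. Like PHP's header('Location: ...'),
    this does NOT stop the handler; the caller must return/exit."""
    resp.status = 302
    resp.headers["Location"] = location


def vulnerable_home(session: dict) -> Response:
    """EAR: anonymous users get a redirect, but execution continues and
    the protected page is still written into the body of the 302."""
    resp = Response()
    if not session.get("user"):
        redirect(resp, "/login")  # missing 'return': execution after redirect
    resp.body = SECRET_DASHBOARD
    return resp


def fixed_home(session: dict) -> Response:
    """Hardened: the handler stops right after issuing the redirect."""
    resp = Response()
    if not session.get("user"):
        redirect(resp, "/login")
        return resp  # nothing sensitive is ever rendered
    resp.body = SECRET_DASHBOARD
    return resp


def has_ear(resp: Response) -> bool:
    """Defender's check: a 3xx redirect should carry an empty body. A
    redirect with real content is the signature that the 302 to 200
    status swap described above turns into an auth bypass."""
    return 300 <= resp.status < 400 and len(resp.body.strip()) > 0


if __name__ == "__main__":
    print("vulnerable leaks:", has_ear(vulnerable_home({})))  # True
    print("fixed leaks:", has_ear(fixed_home({})))  # False
```

Run the same `has_ear` check over real proxied responses (status plus body length) to find handlers that redirect but keep rendering.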
