During bug hunting in a private bug bounty program, I came across a feature within the application that allowed for the generation of PDF documents. Since the user input was reflected in the generated PDF documents, I decided to try injecting HTML and XSS payloads. I used a well-known tool…

During a recent penetration testing engagement, I discovered a vulnerability in the login page of a web application. Specifically, I found that after five unsuccessful login attempts, the account would become locked. …

Network Topology We have a switch between us and the first target. Followed by another switch between target A and target B. Enumeration I start with the nmap scan to get an idea of what might be open on this subnet. Command: nmap -p- 192.141.250.2 Results:

To determine the version of FTP running on a target system, there are a few methods that can be used. One option is to use the nmap tool to scan the target system and identify the version of FTP running. …

Risk: Medium CVSSv3: 5.3 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C] [PCI] CVE-ID: CVE-2021–27330 CWE-ID: CWE-79 — Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) Vulnerable software version: Datepicker Calendar < 3.76 Exploit DB: https://www.exploit-db.com/exploits/49597 Google Dork: inurl:/calendar/calendar_form.php Mitigation: Install updates from the vendor’s website.

Enumeration

Enumeration Nmap Nmap reveals that port number 3000 is open and it is using Node.js Express framework. Let’s visit port number 3000 in web browser.

Weakness:Web Parameter Tampering Two Factor Authentication, also known as 2FA is an extra layer of security that is known as “multi factor authentication” that requires not only a password and username but also something that only, and only, that user has on them,Using a Two Factor Authentication process can help…

SMTP stands for Simple Mail Transfer Protocol is a TCP/IP protocol for sending E-mail messages between servers.SMTP usually is implemented to operate over Internet port 25. Nmap (Network Mapper) is the most popular port scanner which is designed to probe a server or host for open ports. The following are the open ports that I identified on Open-xchange’s Sandbox domain sandbox.open-xchange.com (185.27.181.34)