This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
hostname:target.com | to find all asset available for target.com on shodan | |
http.title:"title" | to find server/host with similer title | |
http.html:"/file" | to find server/host with similar path | |
html:"context" | to find server/host with similar string | |
server: "apache 2.2.3" | to find server/host with same server | |
port:80 | to find server/host with same port | |
os:"windows" | to find server/host with same os | |
asn:AS3214 | to find host/server with matched asn | |
http.status:200 | to find server/host with 200 http response code | |
http.favicon.hash:"hash" | to find server/host with same favico hash |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Description:- | |
NeDi 1.9C is vulnerable to a cross-site scripting (XSS) attack. | |
The application allows an attacker to execute arbitrary JavaScript code via the "Reports-Devices.php" page on "st[]" parameter. | |
Steps To Reproduce:- | |
1. Login to the Application. | |
2. Go to "https://ip/Reports-Devices.php" page. | |
3. Add st[] parameter at the end of the URL. | |
Example:- https://ip/Reports-Devices.php?in[]=device&op[]=~&st[]="><img src=x onerror=alert(document.domain)>&lir=10 |