CTF导航 CTF导航

How Did I Easily Find Stored XSS at Apple And Earn $5000 ?

渗透技巧 2周前 admin
42 0 0

Hello there ! Today we’ll talk about stored XSS which I found in Apple. Without further ado let’s get into it !
嗨,你好!今天我们将讨论我在Apple中找到的存储XSS。事不宜迟,让我们开始吧!

How Did I Easily Find Stored XSS at Apple And Earn 00 ?
Apple Sec. 苹果证券

First of all, our vulnerable Apple service washttps://discussions.apple.com
首先,我们易受攻击的Apple服务是:https://discussions.apple.com

This service is a community where Apple users and developers discuss their problems. If you register here you can create a profile for yourself and help others or get help from them !
这项服务是 Apple 用户和开发人员讨论他们问题的社区。如果您在这里注册,您可以为自己创建个人资料并帮助他人或从他们那里获得帮助!

How Did I Easily Find Stored XSS at Apple And Earn 00 ?
It Was My Profile 这是我的个人资料

Now let’s look at a simple example profile.
现在让我们看一个简单的示例配置文件。

How Did I Easily Find Stored XSS at Apple And Earn 00 ?

This is a simple profile that I have prepared for you. As you can see you can edit the “Location” and “Bio” sections as you wish.
这是我为您准备的简单个人资料。如您所见,您可以根据需要编辑“位置”和“生物”部分。

What If We Use A XSS Payload ?
如果我们使用 XSS 有效载荷怎么办?

How Did I Easily Find Stored XSS at Apple And Earn 00 ?
Hmm 

Payload that will be used is :
将使用的有效载荷是:

"><svg/onload=alert(1)>

We’ll place this payload in the “Location” section of our Apple profile and take a look at the result together !
我们将把这个有效载荷放在我们Apple个人资料的“位置”部分,并一起看看结果!

How Did I Easily Find Stored XSS at Apple And Earn 00 ?
XSS XSS系列

As you can see this is a Stored XSS vulnerability that is very easy to exploit ! Cookies of users and employees could be stolen, and it was very easy to achieve that with this way !
如您所见,这是一个非常容易利用的存储 XSS 漏洞!用户和员工的 cookie 可能会被盗,通过这种方式很容易实现!

How Did I Easily Find Stored XSS at Apple And Earn 00 ?
😮 :-o

As soon as I found something like this, I immediately contacted Apple Security via e-mail. At the end of our 3-month process, I received an e-mail like the one below and I was rewarded !
一旦我发现这样的事情,我立即通过电子邮件联系了Apple Security。在我们 3 个月的流程结束时,我收到了一封如下所示的电子邮件,我得到了奖励!

How Did I Easily Find Stored XSS at Apple And Earn 00 ?
Yuppi 雅皮

This is how I got the XSS vulnerability in Apple in a very easy way and completed it with great success ! I leave you with Apple’s Hall Of Fame list and my position on the list below.
这就是我如何以一种非常简单的方式在Apple中获得XSS漏洞并取得巨大成功的方式!我把苹果的名人堂名单和我在下面的名单上的位置留给你。

https://support.apple.com/en-us/102812 (June 2022) (@xrypt0)
https://support.apple.com/en-us/102812(2022年6月) (@xrypt0)

Thank you for reading this far and paying attention. See you in future articles !
感谢您阅读到这里并关注。以后的文章见!

How Did I Easily Find Stored XSS at Apple And Earn 00 ?
bb BB型

原文始发于Crypto:How Did I Easily Find Stored XSS at Apple And Earn $5000 ?

版权声明:admin 发表于 2024年4月27日 下午9:57。
转载请注明:How Did I Easily Find Stored XSS at Apple And Earn $5000 ? | CTF导航

相关文章

使用树莓派Pico开发板实现设备自动进入DFU模式
admin
258
[提权]Ladon打印机漏洞复现CVE-2021-1675
admin
913
Privileged Accounts and Token Privileges
admin
24
“化学反应”:log4j JNDI fuzz 与被动扫描
admin
955
每日安全动态推送(12-16)
admin
638
原创Paper | ObRegisterCallbacks 的装载和卸载
admin
331

相关文章

从NTAuthCertificates证书伪造到证书服务 DCOM 强制身份验证
0
JavaScript C2
0
【Vidar论文研读分享】使用代码属性图建模和发现漏洞
0
BlackHat 2024 Asia Windows技术 MagicDot学习分享
0
每日安全动态推送(5-9)
0
AMSI Write Raid Bypass Vulnerability
0
JDK 17+ FreeMarker SSTI:从 CVE-2023-4450 复现引出 MethodHandle 句柄、named module 机制研究
0
Technical Deep Dive: Understanding the Anatomy of a Cyber Intrusion
0
Abusing AD CS Certificate Template – ESC1, ESC2, ESC3
0
shell.openExternal | Electron 安全
0