HITCON CMT 2019 - The cookie monster in your browsers

Uploaded By: Myvideo

Don't you hate it when you find an XSS on an out-of-scope subdomain while bug bounty hunting? Worry not, this presentation will cover how to turn that out-of-scope XSS into a valid bug bounty report. Having some success in maximizing the impact of HTML injections on subdomains, I wanted to share the technical details behind my process. I will discuss abusing cookie specifications and browser/server tricks to achieve session fixation, OAuth token leaks, site-wide CSRF, and many more client-side issues. Real-
