J0EII

4n07hER H4x0rin9 N07e2

f41lur3

05Cb

\/\/\/3b

|ib

|[email protected]|< G0|>

[1]AWS

[20]Adv. Pen-Testing

[6]Algorithm

[1]Apache

[1]Backup

[53]Basic Pen-Testing

[12]Bug Bounty

[1]CI/CD

[3]CTF

[5]CentOS

[1]Crontab

[1]DBeaver

[1]Database

[3]Debian

[1]Design Pattern

[1]Django

[4]Docker

[8]E-Business

[1]ESXI

[2]ElementaryOS

[1]Failure

[4]Fedora

[1]File Browser

[4]Fuzzing

[1]Git

[2]Gitlab

[2]Gitolite

[3]HTML5

[3]Hashcat

[1]Hashes

[1]Hexdump

[16]JS

[3]Java

[1]John

[4]KaliOS

[15]Laravel

[8]LeetCode

[28]Linux

[1]Logrotate

[7]Mac

[1]Metasploit

[2]MongoDB

[4]Networking

[4]Nginx

[2]NodeJS

[11]One-liner

[11]PHP

[7]Pentest Android

[6]Python

[1]React

[4]React Native

[3]Ruby

[4]SQL

[32]Server

[3]Squid

[1]TMUX

[7]Thoughts

[15]Ubuntu

[3]VIM

[2]VirtualBox

[4]WSL2

[34]Web

[8]Windows

[10]WordPress

[1]choco

[1]vmware

[1]wkhtmltopdf

September 10, 2019

Hackerone - Micro-CMS v1

Flag 0

found, forget src

Flag 1

this one doesnt make sense,wtf

just add a quote @ the end

 http://34.74.105.127/f2bbc83d74/page/edit/1 <= http://34.74.105.127/f2bbc83d74/page/edit/1'

Flag 2

found, forget src

Flag 3

use body tag

&#x3C;/body&#x3E;&#x3C;BODY onload=alert(&#x22;XSS&#x22;)&#x3E;&#x3C;/p&#x3E;