XSS Through SWF file!

First off, I’d like to say thank you to everyone who’s followed and helped me learn different target points and attacks for web testing.

In this story, I will tell how a Flash file led me to an XSS — however, I will not be disclosing the website, out of respect for their privacy. 😊

Let’s start.

You will need an XSS SWF file, which can be obtained from https://github.com/evilcos/xss.swf — download the file and then upload it to the server you’re testing on for bounty hunting!

Once you see that the file is on the server and that opening it doesn’t prompt a download (the server renders it in the browser instead), that’s when you add your XSS code.

Simply add ?js=alert(document.domain); to the end of your .swf URL and it should trigger the XSS.

Screenshots:

As you can see, the x.swf file stays on the server.
Adding ?js=alert(document.domain); triggered my XSS.
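
From the defending side, the two conditions this finding depends on (the upload accepts a .swf, and the server then serves it back without a download prompt) can both be closed in the upload handler. The Python below is an added example, not code from the tested site or from the xss.swf project; the function names and the sample bytes are constructed for illustration.

```python
import os
import re

# SWF files start with one of these signatures (uncompressed, zlib, LZMA),
# followed by a version byte and a 4-byte little-endian length.
SWF_SIGNATURES = {b"FWS": "uncompressed", b"CWS": "zlib", b"ZWS": "lzma"}
FLASH_TYPES = {"application/x-shockwave-flash"}


def sniff_swf(data):
    """Return the SWF compression kind if the bytes carry a SWF header, else None."""
    if len(data) < 8:
        return None
    return SWF_SIGNATURES.get(bytes(data[:3]))


def check_upload(filename, declared_type, data):
    """Return (allowed, reason). The name and declared type come from the
    uploader, so the content check runs even when both look harmless."""
    ext = os.path.splitext(filename)[1].lower()
    if ext == ".swf":
        return False, "flash extension"
    if declared_type.split(";")[0].strip().lower() in FLASH_TYPES:
        return False, "flash content type"
    kind = sniff_swf(data)
    if kind:
        return False, "swf header (%s)" % kind
    return True, "ok"


def download_headers(filename):
    """Headers for serving any user upload: force a download, disable sniffing."""
    safe = re.sub(r"[^A-Za-z0-9._-]", "_", os.path.basename(filename)) or "file"
    return {
        "Content-Type": "application/octet-stream",
        "Content-Disposition": 'attachment; filename="%s"' % safe,
        "X-Content-Type-Options": "nosniff",
    }


# Constructed samples: a SWF header renamed to .png, and a real PNG signature.
FAKE_PNG = b"CWS" + bytes([10]) + (1234).to_bytes(4, "little") + b"\x00" * 8
REAL_PNG = b"\x89PNG\r\n\x1a\n" + b"\x00" * 8

if __name__ == "__main__":
    print(check_upload("avatar.png", "image/png", FAKE_PNG))
    print(check_upload("avatar.png", "image/png", REAL_PNG))
    print(download_headers("x.swf"))
```

Serving uploads from a separate domain that holds no session cookies limits the impact further if a file does slip through.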

Time and date for payout:

Mon, Oct 29, 2018 10:51 AM - XSS found and reported the same day.
Wed, Oct 31, 2018, 9:56 AM - An investigation was done by their security team.
Nov 19, 2018, 8:18 AM - Payout of $200 USD was sent to my PayPal.

Thank you all for reading, and I hope this helps you in your quest for bounty hunting. 😎

If you have any questions or comments, feel free to message me on Twitter @Skeletorkeys