Reflected XSS on pro.sony with Google Dork & Akamai WAF Bypass
Hi guys. This will be my last reflected XSS write-up for now. We should focus on more complex vulnerabilities. We need more reading and learning. Until next month, I plan to stop finding bugs and learn a lot more techniques, because I’m new to bug bounty and I’m looking for XSS predominantly.
Anyway, let’s start. 🐱💻
1 - Google Dork
An easy and effective tool to use. It is a tool that I use constantly, not just when looking for a target.
Also, you should check the following resources…
Listing of a number of useful Google dorks
2 - Look everywhere
The first target was https://pro.sony.com.cn/cn/1yr-warranty-extension/eoc/wap/pm_activity.jsp
After a little browsing, I discovered the target page.
Then I viewed the page source and looked for a reflected value.
It was very easy. Let’s try to get XSS. Oops
Then I saw that this site redirected me to the pro.sony site.
I thought this was the same code and when I looked at the same place, the result was positive.
I tried to get XSS right away, but I came across Akamai.
Let’s find a payload using Twitter 😉
Thank you, and sorry about my bad English. As I learn new things, I will try to share them with you. You can follow me to be informed about new write-ups.