3 Minutes & XSS!

Hello wonderfull readers, Myself Ashish Jha back with another of my write-up, Yes you heard it right it was a “3 minutes and xss”, Now as an hacker i always try to be as much efficient as possible and always try to find bugs fast(It’s just my curiosity), Whenever i start pentesting any stuff i keep a rough record of the amount of time i took finding the bug.

Let me narrate you this one:

So the website i was pentesting was edmodo.com(I asked them for a public disclosure), It was just in the morning that i wanna pentest edmodo that day and in the noon i started it , Follow along.

Step 1:

I did a simply recon using knockpy and found a subdomain go.edmodo.com,

I went their and clicked on signup, which then redirected me to:

https://www.edmodo.com/onboarding?school_suggestion_test_variant=controlass&language=en_GB

Redirection image

Step 2:

I just added some <> in the first parameter —[ school_suggestion_test_variant=controlass<>], To see whether they get embedded into the source code, Then i found these brackets getting embedded between the <script> tags , WHAT NEED MORE!!!!!!!

<script> tags embedded!

Step 3:

<img src=x onerror=”alert(xss by ashish)”>, BOOOOOM XSS

This was my 3 minutes recon and xss, hope you may find it helpfull.

I then headed towards my mail and sent them the report, After a couple of days they replied back for rewarding the swags, And they are really awesome!

My overall experience with edmodo security team was really awesome(10/10).

Mug, Stickers, Badges, t-shirt

Thank you guys for reading, Write for you after a while!