How I bypassed Practo’s firewall and triggered an XSS.
One night after submitting a few bug reports, I was browsing practo.com and then I thought of looking for vulnerabilities on it.
After some time I came to know that they have a firewall blocking all the XSS payloads, so I had to try something advanced, but somehow I managed to get HTML injection on their main domain.
Then I started digging deep to get an XSS, but firewall :( Then I thought of going back to brutelogic’s blog to see if it’s possible to bypass it or not.
Most of the JS event handlers like onmouseover, onload, onclick were blocked by the firewall, but after experimenting a lot, oncopy worked and triggered an XSS.
The payload which worked was:
<vipin oncopy = prompt(document.domain)>
I reported this issue to Practo and they fixed it within a few hours.
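Why a filter keyed on handler names misses oncopy, and what holds for any handler, shown as an added example that is not part of the original post and not Practo's actual filter or fix. The blocklist regex is an assumption built from the three handlers named above, and all function names are hypothetical.

```python
import html
import re
from html.parser import HTMLParser

# Assumed blocklist: only the three handlers the post names as blocked.
BLOCKED_HANDLERS = re.compile(r"\bon(mouseover|load|click)\s*=", re.IGNORECASE)

# The payload quoted in the post, plus a constructed variant using a listed handler.
POST_PAYLOAD = "<vipin oncopy = prompt(document.domain)>"
LISTED_VARIANT = "<vipin onclick = prompt(document.domain)>"


def blocklist_blocks(value: str) -> bool:
    """Name-based filter: rejects only the handlers it has been told about."""
    return bool(BLOCKED_HANDLERS.search(value))


class _HandlerFinder(HTMLParser):
    """Collects every on* attribute on any tag, including unknown tags."""

    def __init__(self):
        super().__init__()
        self.handlers = []

    def handle_starttag(self, tag, attrs):
        # Tag and attribute names arrive lowercased from the parser.
        self.handlers += [(tag, name) for name, _ in attrs if name.startswith("on")]


def find_event_handlers(value: str) -> list:
    """Structural check: parse as HTML and flag any event-handler attribute."""
    finder = _HandlerFinder()
    finder.feed(value)
    finder.close()
    return finder.handlers


def render_safely(value: str) -> str:
    """Root-cause fix: encode user input for the HTML context before output."""
    return html.escape(value, quote=True)


if __name__ == "__main__":
    for sample in (LISTED_VARIANT, POST_PAYLOAD):
        print(sample)
        print("  blocklist blocks :", blocklist_blocks(sample))
        print("  handlers found   :", find_event_handlers(sample))
        print("  encoded output   :", render_safely(sample))
```

Once the value is encoded on output, no tag is created at all, so the result no longer depends on which handler names a filter happens to know.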
It was when I had just started in security research/bug bounty; it was a great learning experience for me.
So guys, when you are stuck in such situations, just keep on digging and look out for help from other researchers and their blogs; it will help for sure.
I hope it was helpful for you too.
Thanks for reading. Have a great day.