This is a pretty fun read on using a polyglot JPEG to bypass CSP, leading to an XSS vuln.
http://blog.portswigger.net/2016/12/bypassing-csp-using-polyglot-jpegs.html
Forum Thread: Bypassing CSP with Polyglot JPGs
1 Response
Cool! How could you upload it to a file managing website and trick it into running the image as JS?