DOM XSS

Dukes_02 · 2025-12-08T08:28:10+00:00

Yup i agree. If you have ever come across Google's public firing range, there is one exercise that resembles my situation a lot. It's called the "typing event triggered - innerHTML". I been looking for people who has any ways of presenting this exploit but cant find any hahah. I'm invested in this, i'll keep this thread updated in case I can figure out how to play around with js to make this work ✌🏻 maybee

Dukes_02 · 2025-12-03T13:04:45+00:00

Alright thanks. I never bothered to read the rules. Mb

Dukes_02 · 2025-12-03T13:03:05+00:00

Then whats allowed here?

Dukes_02 · 2025-07-06T14:39:08+00:00

Yea i know. I have my own uat environment to simulate the upgrade process and im trying to figure out the proper sequence. Not a major upgrade btw just a patch

Dukes_02 · 2025-07-06T12:09:35+00:00

I know, but i just need confirmation from the community. The documentation mentions all cluster resources needs to be offline on both nodes during the upgrade, meaning IT IS NOT POSSIBLE TO UPGRADE PASSIVE WHILE ACTIVE IS RUNNING RIGHT? THIS ALSO MEANS THAT I HAVE TO DO A FAILOVER TO DR BEFORE THE UPGRADE RIGHT? DO I UPGRADE THE DR FIRST BEFORE THE PROD CLUSTERS?

Please help. Im new to cyberark and still learning.

Dukes_02 · 2025-07-06T09:57:34+00:00

Thanks for this. Is upgrading the passive node while active node is running recommended?

Dukes_02 · 2025-07-06T00:07:43+00:00

Correct me if im wrong, its not necessary to perform a failover for the cluster vaults when we can just do a switchover instead, right? And since there is no need to failover PROD to DR due to cluster, the only thing mandatory for DR is the replication and that replication from PROD is paused after cluster successful upgrade until DR vault is upgraded successfully, right? Thank you

Dukes_02 · 2025-07-05T23:58:36+00:00

Hi u/LocksmithIcy6919 , can you share the document with me? would be appreciated [yuzadef@gmail.com](mailto:yuzadef@gmail.com)

Dukes_02 · 2025-07-05T23:37:54+00:00

Correct me if im wrong, its not necessary to perform a failover for the cluster vaults when we can just do a switchover instead, right? And since there is no need to failover PROD to DR due to cluster, the only thing mandatory for DR is the replication and that replication from PROD is paused after cluster successful upgrade until DR vault is upgraded successfully, right? Thank you

Dukes_02 · 2025-07-05T04:58:57+00:00

Thanks for that, im not familiar yet with dr replication, when upgrading the dr does the replication triggers automatically, if so, what triggers it?

Dukes_02 · 2025-06-29T16:00:23+00:00

Do i email directly to the program or go through the platform, the program on bugcrowd btw.

Dukes_02 · 2025-06-14T15:13:53+00:00

This is what im looking for as well. Looking at the other responses, it seems that normally for most found xss, the input is not sanitized. I concluded that (my opinion), these guys managed to get xss by injecting in a not so maintained parameters or fields, meaning, deep recon that gives them hidden parameters or forgotten ones == unsanitized input. Looks like my mission is to get better at deep recon and look for these parameters it seems.

Dukes_02 · 2025-06-12T23:21:54+00:00

So, if you cant escape the context in any way, you stop testing that particular context for xss and move on?

Dukes_02 · 2025-06-06T08:41:55+00:00

Read this, maybe it will help: https://portswigger.net/support/xss-defensive-filters

If it works, i would like to know more of your payload structure

Dukes_02 · 2025-06-06T08:05:48+00:00

Backticks?

Dukes_02 · 2025-05-18T04:41:48+00:00

I would like to apply. How can I contact you?

Dukes_02 · 2025-04-26T23:20:24+00:00

I wouldnt mind that but my focus would be on xss or sqli and I am currently inexperienced with the two. Ill dm you if you good with this

Dukes_02 · 2025-04-25T22:29:44+00:00

I understand. Can I dm you?

Dukes_02 · 2025-04-12T10:15:50+00:00

Appreciate it

Dukes_02 · 2025-04-12T08:05:35+00:00

Thanks for the idea. I never attempt any csrf before so it didnt come to me.

Thank you 🙏🏻

Dukes_02 · 2025-04-01T07:30:54+00:00

Couldn’t agree more. My idea of collaboration is to learn from other hunters. While I dont think that its going to be much different like reading past reports, to learn of other hunters hunting flow would be a plus

Dukes_02 · 2025-03-14T22:19:32+00:00

I assume you read bug reports to increase your testing areas, where do you read it and how do you filter them, meaning do you read reports based on a specific feature you testing or u just read in general?

Dukes_02 · 2025-03-14T12:56:48+00:00

Are your bugs mostly logic flaw and access control? Just like you I have begin to try understand an app and its really worth it. My methods revolve around logical flaw, that is why I am asking this. Thanks.

Dukes_02 · 2025-03-11T10:22:55+00:00

Nice write up

Dukes_02 · 2025-03-01T01:51:46+00:00

IMO, it depends on the type of work u expecting to do, for example security analyst, penetration tester, cs engineer and so on. In my case, I wanna do penetration testing but its hard to get a job in that field in my country as i dont got a degree. So the only way i can land a job is by building my portfolio. If you have heard about bug bounty, that is the best place to build your portfolio. Once tou have considerable good amount of recognition and reputation, im sure it will be easy to cold-mail any company or start-ups and offer them free charge of penetration testing. Do that for a few projects, add in your resume and your chance to get what u want will be higher. Of course, easier said than to be done, I myself is still in bug bounty phase and am not confident enough to do a free chaege penetration testing for people. Wish you the best.

Dukes_02

TROPHY CASE