update cors.md

Tamim Hasan 2021-05-19 19:13:52 +06:00 committed by GitHub
parent 14a70dc779
commit 510ebdd617
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23

@ -7,6 +7,17 @@ Check to see what the server responds with in the `Access-Control-Allow-Origin:`
If it is trusting arbitrary origins **with** allow-credentials set to true, then host this HTML as a proof of concept.
## Some method to bypass CORS
1. `Origin:null`
2. `Origin:attacker.com`
3. `Origin:attacker.target.com`
4. `Origin:attackertarget.com`
5. `Origin:sub.attackertarget.com`
6. `Origin:attacker.com and then change the method Get to post/Post to Get`
7. `Origin:sub.attacker target.com`
8. `Origin:sub.attacker%target.com`
9. `Origin:attacker.com/target.com`
```
<!DOCTYPE html>
<html>
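Review bot: The new "## Some method to bypass CORS" section is inserted between the sentence ending "then host this HTML as a proof of concept." and the HTML block that sentence refers to, so "this HTML" now reads as pointing at the list. Move the section above that sentence or below the end of the HTML block, and leave a blank line between item 9 and the opening code fence so the fence is not parsed as part of the list. Within the list, item 6 wraps an instruction ("and then change the method Get to post/Post to Get") in the same code formatting as the header value; keep only `Origin:attacker.com` in backticks and write the method change as plain text. Items 7 and 8 (`sub.attacker target.com`, `sub.attacker%target.com`) should state whether the space and the `%` are literal characters, since as written the space looks like a typo. The heading should read "Some methods", and a short note per entry on which origin-validation mistake it checks for (prefix match, suffix match, null origin allowed) would make the list usable for whoever has to fix the server-side check.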