GITBOOK-4180: change request with no subject merged in GitBook

This commit is contained in:
CPol 2023-12-05 11:51:09 +00:00 committed by gitbook-bot
parent 81005f76c9
commit 5fc9f17db4
No known key found for this signature in database
GPG key ID: 07D2180C7B12D0FF
2 changed files with 4 additions and 2 deletions

View file

@ -77,8 +77,6 @@ Intruder never rests. Round-the-clock protection monitors your systems 24/7. Wan
<figure><img src=".gitbook/assets/image (5).png" alt=""><figcaption></figcaption></figure>
<figure><img src="../../.gitbook/assets/image (1) (3) (1).png" alt=""><figcaption></figcaption></figure>
Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters!
**Hacking Insights**\
@ -92,6 +90,8 @@ Stay informed with the newest bug bounties launching and crucial platform update
**Join us on** [**Discord**](https://discord.com/invite/N3FrSbmwdy) and start collaborating with top hackers today!
***
### [WebSec](https://websec.nl/)
<figure><img src=".gitbook/assets/websec (1).svg" alt=""><figcaption></figcaption></figure>

View file

@ -207,6 +207,8 @@ ws.send('{\"id\": 1, \"method\": \"Network.getAllCookies\"}')
print(ws.recv()
```
In [**this blogpost**](https://hackerone.com/reports/1274695), this debugging is abused to make a headless chrome **download arbitrary files in arbitrary locations**.
### Injection from the App Plist
You could abuse this env variable in a plist to maintain persistence adding these keys: