Technical takeaways from H1-415: Using invalid URL encoding sequences (ie %$1) can cause HTTP parameter pollution, do virtual host scanning with ports, find the origin server for things behind CDNs, and brute force GraphQL endpoints if introspection is off.arrow-up-right
Got my 1st HTTP Parameter Pollution (HPP) bug rewarded! Targeting an OAuth login: by providing url parameter "scope" twice, the page asked confirmation for the first, but ended up authorizing all others too:arrow-up-right
/oauth?redirect=x&response_type=code&client_id=x&scope=name&scope=emailarrow-up-right
Last updated 10 months ago
