Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

Oracle E-Business Suite - Cross-Site Scripting

By kannthu

Medium
Vidoc logoVidoc Module
#oracle#xss#ebs
Description
Author: dhiyaneshDk Reference - https://www.blackhat.com/docs/us-16/materials/us-16-Litchfield-Hackproofing-Oracle-eBusiness-Suite.pdf - http://www.davidlitchfield.com/AssessingOraclee-BusinessSuite11i.pdf Metadata max-request: 3

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET/OA_HTML/jtfLOVInPro.../OA_HTML/oksAutoRene.../OA_HTML/ieuiMeeting...
Matching conditions
word: <svg/onload=alert('{{randstr}}')>and
status: 200and
word: text/html
Passive global matcher
No matching conditions.
On match action
Report vulnerability