MULTIPLE TIMES I HACKED DUKE UNIVERSITY WITH RXSS VULNERABILITY!!!

I’m going to share another of my Reflected Cross-Site Scripting scenarios.

As you know, I don’t believe in automation and I love the manual approach...

Have a look at my steps and the methodology I used for my findings.

Duke University is my target.

Now, first of all, start with Google Dorks, and always start with these dorks:

site:*.duke.edu inurl:/login

Using this dork you’ll be able to get all the login panels of Duke University.

And I found my target, from where I had to start my XSS hunting...

I discovered a Forget Password functionality, and there is another function called Account Lookup. Sometimes the Forget Password functionality does not work properly, whereas the Account Lookup function works properly.

So the Account Lookup function asks me to enter the Legal First/Given Name, Legal Last/Family Name & Birth Year.

1. Then I entered xss<> into Legal First/Given Name & Legal Last/Family Name.

Here, as you can see, the Given Name is reflected in my response body.

2. After sending the request, my Given Name: xss<> was reflected in my response body without being sanitized properly.

3. Now I crafted a script payload and injected it into the Given Name parameter, and I got a pop-up.

I reported this flaw, and they recognized it multiple times.
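For developers fixing this class of bug, here is an added example (not part of the original write-up and not the university's code): the same reflection written unsafely and with output encoding, plus allowlist validation for the three Account Lookup fields. The function names, the response wording, the 64-character limit and the 1900-2100 year range are assumptions.

```python
import html
import re

# Letter-like characters separated by single spaces, apostrophes or hyphens.
NAME_RE = re.compile(r"[^\W\d_]+(?:[ '\-][^\W\d_]+)*")
YEAR_RE = re.compile(r"[0-9]{4}")
PROBE = "xss<>"  # the harmless marker used in the write-up


def validate_lookup(given, family, birth_year):
    """Return the names of the fields that fail the allowlist checks."""
    bad = [field for field, value in (("given", given), ("family", family))
           if not (len(value) <= 64 and NAME_RE.fullmatch(value))]
    # Assumed plausible range for a birth year; ASCII digits only.
    if not (YEAR_RE.fullmatch(birth_year) and 1900 <= int(birth_year) <= 2100):
        bad.append("birth_year")
    return bad


def render_unsafe(given):
    # The flaw described above: user input concatenated into HTML as-is.
    return "<p>No account found for Given Name: " + given + "</p>"


def render_safe(given):
    # Output encoding: < > & " ' become entities, so the browser shows text.
    return ("<p>No account found for Given Name: "
            + html.escape(given, quote=True) + "</p>")


def reflects_raw(body, probe=PROBE):
    """True if the probe comes back with its markup characters intact."""
    return probe in body


if __name__ == "__main__":
    for render in (render_unsafe, render_safe):
        print(render.__name__, "reflects raw probe:",
              reflects_raw(render(PROBE)))
    print("rejected fields:", validate_lookup(PROBE, "O'Neil", "1990"))
```

Encoding at output is the fix for the reflection itself; the validation is a second layer and should not replace it, since legitimate names can contain characters such as apostrophes.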

YouTube Video: https://youtu.be/bpPcd9OrnZo

Thanks for taking the time to read my write-up and share it with your friends, Like & Follow for more updates.

Amit Kumar Biswas @Amitlt2


SECURITY ANALYST | SECURITY RESEARCHER | ACK. BY APPLE, MICROSOFT, SAMSUNG, SOUNDCLOUD, ACCENTURE, TAKEAWAY & MANY MORE | R&D IN BLOCKCHAIN TECH | B.TECH IN CSE