Tale of XSS in Angular
Hello Security Researcher and Hackers
In this writeup I will explain how I was able to get 2 rXSS in Angular using automation and simple payloads in Github
First of all I will explain my recon automation and how I was able to detect the XSS in those 2 subdomains , I’m currently a subscriber to Findomain Maintained and created by Ed who originally created Findomain Public
His service allows you to add targets you want and perform a lot of cool stuff on the finding subdomains that looks as follows
and many more you can head over his website to check the packages his offers and you may ended up getting one for yourself
I was looking at my Telegram where I set up the incoming recently found subdomains and I saw 2 newly discovered ones and I wanted to take a small look at them, with Wappalyzer plugins saw the both assets are using Angular 1.6 where I previously saw that it has an XSS payload that works in Github
I tried to log in and I received an error since my email is not in the authorized organization…
