Hello everyone, it's me, Ahmed Mehtab. Previously I found multiple vulnerabilities in the SANS Institute for Information Security, and some of my friends were asking me to publish the proof of concept on it. It's easy, indeed very easy, a simple DOM-based XSS, but no worries, I am posting the proof of concept here.

I found 2 of the posts vulnerable to DOM-based XSS in SANS, and other vulnerabilities too, one of which is related to a DNS hijacking issue that is still unfixed, while the others are low-potential vulnerabilities, but vulnerabilities indeed.


The XSS which I found is fixed right now, and below is the screenshot captured at that time and the domain.

xss found in SANS


They have also included my name on the Acknowledgement page of SANS, and I am very thankful to SANS for the acknowledgement.





  • http://www.sans.org/security



I also want to thank my friend "Rafay Baloch" for helping me, because there was a time when I was unable to reproduce it at one point, and he helped me get out of it and I just nailed it.

Your loving friend, Ahmed Mehtab



#SANS #SANSEMA #XSS 




