mirror of
https://github.com/HackTricks-wiki/hacktricks.git
synced 2025-10-10 18:36:50 +00:00
20 lines
938 B
Markdown
20 lines
938 B
Markdown
# Injeções de Números de Telefone
|
|
|
|
{{#include ../banners/hacktricks-training.md}}
|
|
|
|
É possível **adicionar strings ao final do número de telefone** que podem ser usadas para explorar injeções comuns (XSS, SQLi, SSRF...) ou até mesmo para contornar proteções:
|
|
|
|
<figure><img src="../images/image (461).png" alt="https://www.youtube.com/watch?app=desktop\&v=4ZsTKvfP1g0"><figcaption></figcaption></figure>
|
|
|
|
<figure><img src="../images/image (941).png" alt="https://www.youtube.com/watch?app=desktop\&v=4ZsTKvfP1g0"><figcaption></figcaption></figure>
|
|
|
|
**Contorno de OTP / Bruteforce** funcionaria assim:
|
|
|
|
<figure><img src="../images/image (116).png" alt="https://www.youtube.com/watch?app=desktop\&v=4ZsTKvfP1g0"><figcaption></figcaption></figure>
|
|
|
|
## Referências
|
|
|
|
- [https://www.youtube.com/watch?app=desktop\&v=4ZsTKvfP1g0](https://www.youtube.com/watch?app=desktop&v=4ZsTKvfP1g0)
|
|
|
|
{{#include ../banners/hacktricks-training.md}}
|