hacktricks/cookie-bomb-+-onerror-xs-leak.md at ad06e0d8c1c91b8858764d57bbb4d4f37df0f9d1 - hacktricks - Commercial git is dead.

maride/hacktricks

mirror of https://github.com/HackTricks-wiki/hacktricks.git synced 2025-10-10 18:36:50 +00:00

Translator aaf8304324 Translated ['src/pentesting-web/proxy-waf-protections-bypass.md', 'src/m

2025-08-22 16:39:36 +00:00

7.1 KiB

Raw Blame History

{{#include ../../banners/hacktricks-training.md}}

Hierdie tegniek kombineer:

Cookie bombing: die slagoffer se blaaier met baie/groot cookies vir die teiken-origin volstop sodat opvolgende versoeke bediener-/versoeklimiete tref (request header size, URL size in redirects, ens.).
Error-event oracle: peil 'n cross-origin endpoint met 'n