https://ag2s.ca/spellbook/2.-web-pentesting/ Recent content on SpellBook Hugo en-us https://ag2s.ca/spellbook/2.-web-pentesting/misc/ Mon, 01 Jan 0001 00:00:00 +0000 https://ag2s.ca/spellbook/2.-web-pentesting/misc/ <h2 id="https-exfiltration-server">HTTPS Exfiltration Server<a class="anchor" href="#https-exfiltration-server">#</a></h2> <h3 id="real-environment">Real environment<a class="anchor" href="#real-environment">#</a></h3> <p>Use <a href="https://app.interactsh.com">interact.sh</a>. This is the cheapest (free) one for POC. Otherwise, setup your own exfiltration server on cloud, or on prem if you&rsquo;re nuts</p> <h3 id="lab-ctf">Lab, CTF<a class="anchor" href="#lab-ctf">#</a></h3> <p>Create a certificate. Outside of lab environment, better set this up with <code>Nginx</code> or <code>Apache2</code> and request cert from letsencrypt</p> <div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;"><code class="language-sh" data-lang="sh"><span style="display:flex;"><span>openssl req -new -x509 -keyout server.pem -out server.pem -days <span style="color:#ae81ff">365</span> -nodes</span></span></code></pre></div><p>For payloads in <a href="https://ag2s.ca/spellbook/2.-web-pentesting/2.2-common-attacks/xss---cross-site-scripting/">XSS - Cross Site Scripting</a>. This simple server will <code>base64</code> decode <code>data</code> key in json string like <code>{&quot;data&quot;: &quot;b64-string&quot;}</code></p>