Finding XSS on .apple.com and building a proof of concept to leak your PII information

Initial ‘recon’

Reading this in detail? If you check Sam Curry's post you will see “WebObjects” is used in a lot of requests. :-) Be proactive and you will find some interesting things in places.

Hacking as a family

Making a proof of concept

Let the hunt begin.

Full name, address, appleID


UK WebApp Security Researcher. Creator of BugBountyHunter— designed to help people learn and get involved with hacking. zseano.com & bugbountyhunter.com

Sean (zseano)
