coelner/hacktricks
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

GitBook: [master] 2 pages modified

Browse Source
This commit is contained in:
CPol 2021-05-05 09:24:26 +00:00 committed by gitbook-bot
parent 51917c1a7c
commit 6d5bcdd21f
No known key found for this signature in database
GPG Key ID: 07D2180C7B12D0FF
2 changed files with 5 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
mobile-apps-pentesting/android-app-pentesting/android-applications-basics.md
View File

@ -121,8 +121,7 @@ To be simple Intent can be used:
* To access data via ContentProviders * To access data via ContentProviders
* As callbacks to handle events * As callbacks to handle events
Improper implementation could result in data leakage, restricted functions being called and program flow being manipulated. Improper implementation could result in data leakage, restricted functions being called and program flow being manipulated.
[**Learn more about intents reading here.**]()\*\*\*\*
### Intent-Filter ### Intent-Filter

4
pentesting-web/deserialization/nodejs-proto-prototype-pollution.md
View File

@ -270,6 +270,10 @@ These errors can affect a lot of Javascript projects, especially NodeJS projects
This bug affects all versions of Lodash, already fixed in version 4.17.11. This bug affects all versions of Lodash, already fixed in version 4.17.11.
### Another tutorial with CVEs
{% embed url="https://infosecwriteups.com/javascript-prototype-pollution-practice-of-finding-and-exploitation-f97284333b2" %}
## AST Prototype Pollution ## AST Prototype Pollution
In NodeJS, AST is used in JS really often, as template engines and typescript etc. In NodeJS, AST is used in JS really often, as template engines and typescript etc.