0x22bb
/
hacktricks
mirror of https://github.com/carlospolop/hacktricks.git
1
2
Fork 0
Code Releases Activity

GitBook: [master] 2 pages modified

This commit is contained in:
CPol 2021-05-05 09:24:26 +00:00 committed by gitbook-bot
parent 51917c1a7c
commit 6d5bcdd21f
No known key found for this signature in database
GPG Key ID: 07D2180C7B12D0FF
2 changed files with 5 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
mobile-apps-pentesting/android-app-pentesting/android-applications-basics.md
View File

@ -121,8 +121,7 @@ To be simple Intent can be used:
* To access data via ContentProviders
* As callbacks to handle events
Improper implementation could result in data leakage, restricted functions being called and program flow being manipulated.
[**Learn more about intents reading here.**]()\*\*\*\*
Improper implementation could result in data leakage, restricted functions being called and program flow being manipulated.
### Intent-Filter

4
pentesting-web/deserialization/nodejs-proto-prototype-pollution.md
View File

@ -270,6 +270,10 @@ These errors can affect a lot of Javascript projects, especially NodeJS projects
This bug affects all versions of Lodash, already fixed in version 4.17.11.
### Another tutorial with CVEs
{% embed url="https://infosecwriteups.com/javascript-prototype-pollution-practice-of-finding-and-exploitation-f97284333b2" %}
## AST Prototype Pollution
In NodeJS, AST is used in JS really often, as template engines and typescript etc.