{"blog_title":"Shikata Ga Nai","author_name":"ThisIsOne","published":"2026-06-20 16:11:27","title":"\u3010PRACTITIONER\u3011Scanning non-standard data structures","html":"<iframe src=\"https://hatenablog-parts.com/embed?url=https%3A%2F%2Fcysec148.hatenablog.com%2Fentry%2F2026%2F06%2F20%2F161127\" title=\"\u3010PRACTITIONER\u3011Scanning non-standard data structures - Shikata Ga Nai\" class=\"embed-card embed-blogcard\" scrolling=\"no\" frameborder=\"0\" style=\"display: block; width: 100%; height: 190px; max-width: 500px; margin: 10px 0px;\"></iframe>","height":"190","url":"https://cysec148.hatenablog.com/entry/2026/06/20/161127","width":"100%","blog_url":"https://cysec148.hatenablog.com/","description":"Hello there, ('\u03c9')\u30ce Stored XSS lurking in a non-standard data structure 0. Overview (TL;DR) The session cookie has a non-standard structure of the form <username>:<token>, and its username subfield is a sink for stored XSS. The username is recorded in the server-side access logs/analytics (for admin viewing), and the script fires when the admin views it. The lab is normally meant to be solved by finding the vulnerability inside this non-standard structure with Burp Scanner's \"Scan selected insertion point\", but in this assessment the structure is analyzed manually, and cur\u2026","categories":["Web Security Academy","PortSwigger"],"type":"rich","provider_url":"https://hatena.blog","author_url":"https://blog.hatena.ne.jp/ThisIsOne/","provider_name":"Hatena Blog","version":"1.0","image_url":null}