web application – I discovered a Client Side Template Injection (CSTI), and after?

As part of a bounty bug, I discovered a Client Side Template Injection (CSTI). I would like to create more “impressive” payload to increase the risk of the vulnerability. The framework affected is AngularJS.
Theses payload works:

{{7*7}}
${{constructor.constructor('alert("This is a CSTI");')()}}
${{constructor.constructor('alert(document.cookie);')()}}
${{constructor.constructor('window.prompt("Your session has expired, please enter your password");')()}}

The next steps are to inject a Beef Payload and take screen capture of the list of hooked browser. I precise the affected software is on my computer and I will be my own victim.
I precise the web page affected need to be written with a privileged account but viewed with each user of the web application.

What can I do as more powerful with a CSTI ?

Harcoded Backdoor Discovered on Zyxel Firewalls

Researchers have discovered a hardcoded admin-level backddoor on Zyxel firewalls, access point controllers and and VPN gateways.

seo – My website has less than 10 pages: Why does my sitemap have 448 discovered URLs?

I’ve attempted to improve the SEO of my website by submitting a sitemap to Google Search Console.

The status is a success but I have 448 discovered URLs with less than 10 pages on my website: clientsforcounsellors.com/sitemap.xml

Also, when I type in my domain name in the address bar, followed by any slug, e.g. clientsforcounsellors.com/sdlkgr, I’m redirected to my homepage instead of having a 404 page displayed.

What’s the problem here? Do soft 404’s have anything to do with this?

Google Search Console reporting only a small fraction of the URLs in my sitemap index have been discovered

My sitemap index file does not show any errors on google search console, but it only shows 397 discovered urls whereas it should have been over a million.
Wrong number

Basically my sitemap index file looks like this:


<?xml version="1.0" encoding="UTF-8"?>
<sitemapindex xmlns="http://www.sitemaps.org/schemas/sitemap/0.9">
  <sitemap><loc>https://www.example.com/sitemap1</loc><lastmod>2020-09-14T04:38:25Z</lastmod></sitemap>
  <sitemap><loc>https://www.example.com/sitemap2</loc></sitemap>
  <sitemap><loc>https://www.example.com/sitemap3</loc></sitemap>
  <sitemap><loc>https://www.example.com/sitemap4</loc></sitemap>
  <sitemap><loc>https://www.example.com/sitemap5</loc></sitemap>
  ... (614 sitemap entries in total)
</sitemapindex>

What can be wrong? Do I have too many <sitemap> entries?

edit: This was actually working, I had over a million discovered URLs, then I added like 200 <sitemap> entries to the sitemap.xml and it “broke”, meaning it started showing only 397 discovered URLs for the sitemap (coverage is unaffected).

Can private key used in ECDSA be discovered when many signatures were colleced?

Can private key used in ECDSA be discovered when many signatures of different messages were collected (1M+) or may signatures of the same message were collected?

reference request – Discovered 240 new circles assosicated with Pascal’s line

I am looking for a proof or a reference request for a problem as follows:

Problem: Let a cyclic hexagon with sidelines $l_1$, $l_2$, $l_3$, $l_4$, $l_5$, $l_6$ and $l_1 cap l_4 =A$, $l_3 cap l_6 = B$, $l_5 cap l_2 = C$. Let $l’_1$ is the line through $A$ and parallel to $l_3$ meets $l_2, l_6$ at $P_{12}, P_{16}$; $l’_3$ is the line through $B$ and parallel to $l_5$ meets $l_2, l_4$ at $P_{32}, P_{34}$, $l’_5$ is the line through $C$ and parallel to $l_1$ meets $l_4, l_6$ at $P_{54}, P_{56}$. Then show that six points $P_{12}$, $P_{16}$, $P_{32}$, $P_{34}$, $P_{54}$, $P_{56}$ lie on a new circle.

enter image description here

penetration test – I had discovered unusual open port in my target (like 2085) What can i do to penetrate my target?

I used port scanning software to discover open port in my target machine.

Nmap output me that ports 2085,2086,5009 and other unusual ports (no http,no ssh,no FTP…) are open

My question is : What can i do to penetrate my target system ?

Thanks for answers !

google search console – No discovered URLs and index covered button is disabled

I am using Rank Math as an SEO plugin
As per there recommendations as well as google recommendations, I should only add the index XML file

But I got discovered URLs= 0 and index coverage button is disabled

enter image description here

PS: the site map index has been added 1 month ago!

I just discovered the easiest and easiest way to make money online

The simplest and easiest way to make money online is to join buzzbreak where you only have to read the news and watch videos to get paid.
B03072123 (http://bit.ly/39RLP91)
To earn an extra bonus, enter my referral code B03072123 after I start using it! Download from Google Play to win a big reward.
Click on WALLET, click on ENTER, enter my code to get your bonus. Good luck

rootkits – Hidden process discovered in Tails OS

unhide-linux scan from: 17:02:43, 2020-03-23 ​​Options used:
logtofile (*) Search for hidden processes via / proc stat
scanning

(*) Search for hidden processes via analysis / proc chdir

(*) Search for hidden processes via / proc opendir scanning

(*) Hidden thread search via analysis / proc / pid / task readdir

(*) Starting the analysis using brute force against PIDS with fork ()

HIDDEN PID found: 20540 Command line: "" Executable: ""
"… maybe a transient process" (*) Start scanning using
brute force against PIDS with pthread functions

(*) Search for bogus processes by checking that all the threads seen by
ps are also seen by others

(*) Search for hidden processes via sysinfo analysis ()

1 HIDDEN processes found sysinfo.procs reports 565 processes and ps
sees 566 unhide-linux scan processes ending at: 17:04:57, 2020-03-23