[*] RCE exploit tip...
If you have a "Blind RCE" and you can get HTTP interactions using `curl` command...
You can steal local files from the server by using the `-d` flag with the `@` symbol at the beginning of the target file name and send the full content to your OOB server
🧵Bug Bounty Diaries ( D3 )
This was an EPIC hack...
TTMG, In this report, I was able to combine 2 vulnerabilities to bypass the login page of an admin portal and log in as an admin, without any username or password
Maybe more details in the future...
Hey brothers and sisters 🤍
This dunya is delusional
don’t chase it blindly.
Follow the Akhirah, and Allah will grant you what’s best in both dunya and Akhirah.
Keep going, whatever your struggles or thoughts.
Have tawakkul ‘ala Allah 💙
In shā’ Allāh.
#Islam#Tawakkul#Akhirah