After Arab's stand against Indian Islamophobics, those who work in Gulf have deactivated their fb & twitter accounts. Many have been booked, others have apologised for their remarks. Jab peet pe laat padhti hai, tab dharam aur bhakti bhool Jati hai!
RCE for life♥️😛
$$$$+$$$ Bonus
1.Started knockpy for scan
2.Found odoo service IP
3.Checked response in https://t.co/OVBbdnC30s
4. 302 redirect 😅😛
5.Redirected to jenkins instance
6.Unauthorized access to CLI terminal
7. Command id
Another example of two systems handling data differently and how it can be exploited.
tl;dr
ℹ️ <[email protected]>[email protected] is submitted as the email address
ℹ️ Email is sent to [email protected]
ℹ️ But [email protected] gets registered
https://t.co/9BNelny0AY
Ever wonder how @Th3G3nt3lman consistently collects $15K bounties? 💰How to attack API's or React Native apps? 📱Read this, and much more, in this week's #BugBytes!
https://t.co/0AtM3gTxZj
Must watch Series:
Designated Survivor
House Of Cards
Viking
Money Heist
The Spy
Fauda
Punisher
Narcos
Breaking Bad
Dexter
Sons Of Anarchy
True Detective
Suits
Bodyguard
Peaky Blinders
Lost
Prison Break
You
Chernobyl
Originals
Flash
Banshee
Spartacus
The Wire
GOT
Brooklyn Nine9
https://t.co/V5dtZj1dpX
added a few more thing's after I submitted, but here's my writeup for the 30K CTF from @NahamSec
thank you @garagosy & @NahamSec - it was a lot of fun
Update CVE-2019-19781
You can exploit the vulnerability without the file https://t.co/HwA04i1qfJ and only use the file https://t.co/PJ0l4BRdXN !
You can inject your payload inside the name of the XML file and fire the command execution ! 🔥💪
#shitrix#citrix
I just released some of my PoCs!
IDOR:
https://t.co/E6hBaWp5Zp
Stored XSS:
https://t.co/5laqvlf2U7
Stored XSS:
https://t.co/KkJRiliLAA
RXSS:
https://t.co/gH79T97lnm
RXSS:
https://t.co/cJUzLJOWYn
RXSS:
https://t.co/Kn51livk47
RXSS:
https://t.co/Dc9irDxZSC
#GeneralEG#BugBounty
New video incoming! 🚨
In this video, we talk APIs. What they are, where to find them, and most importantly how to test them for bugs! We cover: API recon, the most common API bugs and teach you how to find them
#bugbountytip#BugBounty#CyberSecurity
https://t.co/3hDwOizxwl