Do you want to make money by applying tricks like these?
It's easy! Join our platform and score your first bounty today:
http://go.intigriti.com/signup 
-
Brilliant. I wonder if http://host.com/path/%2e%2e/path … would have the same result...
-
It did in this case

-
This was also one of the best tips given by @fransrosen during @bsidesahmedabad conference talk. :)
-
@rez0__ absolutely genius! Did you find what kind of protection was bypassed?
-
Yes, it bypasses Java backends most frequently. Also, for the record, I didn't personally make 50k haha.
-
%2e is a dot. This means that you use the current directory. But if /admin is blocked, then you use the current directory prefix to bypass the filter.
-
NICE TIP TY
-
Why does this work?
-
Look at other replies. It beats a regex filter
Thanks for the
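
Added example, not part of the thread or written by any of its participants: a defender-side sketch of why a regex deny rule applied to the raw path misses the `%2e` forms discussed above, next to a filter that decodes and collapses dot segments before matching. The `/admin` rule, the function names and the sample paths are constructed assumptions.

```python
import posixpath
import re
from urllib.parse import unquote

# Assumed deny rule (constructed): block /admin at a proxy or WAF by regex.
DENY = re.compile(r"^/admin(/|$)")

def naive_is_blocked(raw_path):
    """Apply the rule to the path exactly as received."""
    return bool(DENY.match(raw_path))

def canonical_path(raw_path, max_rounds=3):
    """Percent-decode a bounded number of times (covers %252e), then
    collapse '.', '..' and duplicate slashes."""
    path = raw_path
    for _ in range(max_rounds):
        decoded = unquote(path)
        if decoded == path:
            break
        path = decoded
    if unquote(path) != path:
        raise ValueError("path still encoded after bounded decoding")
    # normpath keeps a leading '//' as-is, so reduce leading slashes first.
    return posixpath.normpath("/" + path.lstrip("/"))

def hardened_is_blocked(raw_path):
    """Match the rule against the canonical form; fail closed on odd input."""
    try:
        return bool(DENY.match(canonical_path(raw_path)))
    except ValueError:
        return True

# Constructed sample request paths.
SAMPLES = ["/admin", "/%2e/admin", "/path/%2e%2e/admin",
           "/%252e/admin", "/public/index.html"]

def compare(paths=SAMPLES):
    """Return {path: (naive_result, hardened_result)} for each sample."""
    return {p: (naive_is_blocked(p), hardened_is_blocked(p)) for p in paths}

if __name__ == "__main__":
    for path, (naive, hardened) in compare().items():
        print(f"{path:22} naive={naive!s:5} hardened={hardened}")
```

The canonical form should also be what is forwarded to the backend (or the request rejected when it differs from the raw path), so the filter and the backend judge the same string.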