$!|3nt_4unt3r

@shub66452

Bug hunter. Researcher. coder enthusiast

Joined: November 2017

Tweets

  1. Retweeted
    Feb 3

    When testing for SSRF, change the HTTP version from 1.1 to HTTP/0.9 and remove the host header completely. This has worked to bypass several SSRF fixes in the past.

  2. Retweeted
    Feb 2

    This month I learnt how to analyse the JavaScript of a React Native application while bounty hunting. I wanted to share what I found out with everyone else.

  3. Retweeted
    Jan 31
  4. Retweeted
    Jan 29

    -API TIP:28/31- Pentest for .NET apps? Found a param containing file path/name? Developers sometimes use "Path.Combine(path_1,path_2)" to create full path. Path.Combine has weird behavior: if param#2 is absolute path, then param#1 is ignored. - Leverage it to control the path -

  5. Retweeted
    Jan 28
  6. Retweeted
    Jan 27

    -API TIP:26/31- Looking for BOLA (IDOR) in APIs? got 401/403 errors? AuthZ bypass tricks:

    * Wrap ID with an array `{"id":111}` --> `{"id":[111]}`
    * JSON wrap `{"id":111}` --> `{"id":{"id":111}}`
    * Send ID twice `URL?id=<LEGIT>&id=<VICTIM>`
    * Send wildcard `{"user_id":"*"}`

  7. Retweeted
    Jan 25
  8. Retweeted
    Jan 26
  9. Retweeted
    Jan 23

    -API TIP:23/31- Found a way to download arbitrary files from a web server? Shift the test from black-box to white-box. Download the source code of the app (DLL files: use IL-spy; Compiled Java - use Luyten) Read the code and find new issues!

  10. Retweeted
    Jan 20

    Heads up: we are working on a solution for to automatically identify leaks during the spidering and passive phases. Watch this space.

  11. Retweeted
    Jan 18

    would like to thanks for sharing your passive recon techniques found database of organization uploaded in public pdf form thanks again Dork : site: intext:compamyname

  12. Retweeted
    Jan 14

    I'm excited to share my post about discovering & exploiting multiple critical vulnerabilities in Cisco's DCNM. Busting Cisco's Beans :: Hardcoding Your Way to Hell PoC exploit code:

  13. Retweeted
    Jan 13

    -API TIP: 13/31- Use Mass Assignment to bypass security mechanisms. E.g., "enter password" mechanism: - `POST /api/rest_pass` requires old password. - `PUT /api/update_user` is vulnerable to MA == can be used to update pass without sending the old one (For CSRF)

  14. Retweeted
    Jan 12

    Just posted Remote Code Execution in Three Acts: Chaining Exposed Actuators and H2 Database Aliases in Spring Boot 2. Using a payload containing three different programming languages :)

  15. Retweeted
    Jan 12

    -API TIP : 12/31- Testing for BOLA (IDOR)? Even if the ID is GUID or non-numeric, try to send a numeric value. For example: "/?user_id=111" instead of "user_id=inon@traceable.ai" Sometimes the AuthZ mechanism supports both and it's easier to brute force numbers.

  16. Retweeted
    Jan 11

    - API TIP: 11/31 - The API uses Authorization header? Forget about CSRF! If the authentication mechanism doesn't support cookies, the API is protected against CSRF by design.

  17. Retweeted
    Jan 10

    -API TIP: 10/31- Exploiting BFLA (Broken Function Level Authorization)? Leverage the predictable nature of REST to find admin API endpoints! E.g: you saw the following API call `GET /api/v1/users/<id>` Give it a chance and change to DELETE / POST to create/delete users.

  18. Retweeted
    Jan 10

    Yo hackers! I've built a small website that has some challenges. 🔗 The main challenge for the week is `WW3` All upcoming challenges will be hosted there, so stay tuned :) Would love to know what you guys think. Have fun!

  19. Retweeted
    Jan 9

    - API TIP: 9/31 - Pentest for APIs? Trying to find BOLA (IDOR) vulnerabilities? IDs in the HTTP bodies / headers tend to be more vulnerable than IDs in URLs. Try to focus on them first.

  20. Retweeted
    Jan 8

    New Writing Bypass SameSite Cookies Default to Lax and get CSRF Looking at a new Chrome feature and the 2 minute quirk which make it possible to bypass it, also solution to my CSRF challenge.
