Once you have solved this challenge, please write a small writeup and send it to business@bepractical.tech
The people who will be able to solve both of these challenge will receive a shoutout in the upcoming video!
Challenge ends in 10 hrs
The people who will be able to solve both of these challenge will receive a shoutout in the upcoming video!
Challenge ends in 10 hrs
π6β€2π1
Hi everyone, The solution for task two is not on main.bepractical.tech
Actually that subdomain was used as a subdomain takeover lab and some participant have exploited it & uploaded the same webpage given as the challenge. We have removed every lab's dns record for now. The time duration for this challenge is now also increased to 24 hrs. ( It will expire on 1st July 2024 at 7pm IST)
Currently no one is able to find the solution for task 2!
Actually that subdomain was used as a subdomain takeover lab and some participant have exploited it & uploaded the same webpage given as the challenge. We have removed every lab's dns record for now. The time duration for this challenge is now also increased to 24 hrs. ( It will expire on 1st July 2024 at 7pm IST)
Currently no one is able to find the solution for task 2!
β€2
Hint: It is a reconnaissance challenge so please don't focus on finding or exploiting any vulnerabilities!
π3
So far, no one is able to solve the second challenge! The challenge will end at 7:00pm IST
π4π1
The challenge has been ended now! (Only three people were able to solve both of the challenges)
Congrats to Mehraj, Abhisekh and Akshit for successfully solving the challegnge!π₯³π₯³π₯³
Congrats to Mehraj, Abhisekh and Akshit for successfully solving the challegnge!π₯³π₯³π₯³
Media is too big
VIEW IN TELEGRAM
Here is the solution for both of the challenges!
We will be conducting a web recon workshop again for beginner-intermediate bug bounty hunters where you will learn how to dive deep into the target in this month! Stay Tuned
We will be conducting a web recon workshop again for beginner-intermediate bug bounty hunters where you will learn how to dive deep into the target in this month! Stay Tuned
β€11π2
In a recent penetration testing engagement, I was able to find an api endpoint which was disclosing every user's information present on the web page without any authentication!!
Here's what i did:
1. Used ffuf with valid cookies and headers to enumerate the content.
2. After the discovery of this endpoint, I simply remove the required cookies & headers.
3. I was still able to fetch the data!
As always, a proper reconnaissance is necessary to uncover interesting vulnerabilities!
Here's what i did:
1. Used ffuf with valid cookies and headers to enumerate the content.
2. After the discovery of this endpoint, I simply remove the required cookies & headers.
3. I was still able to fetch the data!
As always, a proper reconnaissance is necessary to uncover interesting vulnerabilities!
β€22π₯6π2
New Batch for this same workshop will be releasing soon this month! Stay Tunedβ€οΈ
β€7π1
Hi everyone, the new video is out! learn how you can use sqlmap effectively to hunt for sql injection vulnerabilities!
Check it out:
https://youtu.be/ciHcdiQ_GJ8
Check it out:
https://youtu.be/ciHcdiQ_GJ8
YouTube
4 Ways To Use SQLMAP Effectively For SQL Injection! | Bug Bounty | 2024
Join me in this exciting video as we explore four powerful ways to use SQLmap for SQL injection. Whether you're a beginner or a seasoned pro, you'll find valuable insights and practical techniques to enhance your skills.
In this video, we'll cover a lotβ¦
In this video, we'll cover a lotβ¦
π₯14β€4
Today i spent most of my time in crafting a payload that can bypass cloudflare and finally got one! I immediately tested the payload on few websites that were protected by cloudflare and successfully got the xss triggered!!!!
Reported this issue to the bug bounty program! Hoping for the bestβ€
Reported this issue to the bug bounty program! Hoping for the bestβ€
β€29π₯12π5π1
Media is too big
VIEW IN TELEGRAM
Here's the xss payload: <button%20popovertarget=x>Click%20me</button><img%20onbeforetoggle=alert(1)%20popover%20id=x>XSS
For those who were asking me how i created this, I actually used the same method discussed in this video: https://www.youtube.com/watch?v=4_VbPem6gxI
For those who were asking me how i created this, I actually used the same method discussed in this video: https://www.youtube.com/watch?v=4_VbPem6gxI
β€14π₯7π2
Hi everyone, We are excited to announce the second batch for web reconnaissance workshop!
If you are a beginner or someone who wants to upskill your recon game then this workshop is for you! Throughout these 7 days, we will explore various methods & techniques that will not only help you to get the basics but also it will help you in creating your own methodology!
You can use the link below to register into this workshop
-------------------------
For People Living In India:
Link: https://pages.razorpay.com/bepracticalWorkshop
--------------------------
For People Outside India:
Link:
https://pages.razorpay.com/bepracticalInternational
[Please make sure to Pay Using PayPal Only]
--------------------------
Last Date Of Registration: 15th July 2024
Looking forward to see you all in this workshop!!!
If you are a beginner or someone who wants to upskill your recon game then this workshop is for you! Throughout these 7 days, we will explore various methods & techniques that will not only help you to get the basics but also it will help you in creating your own methodology!
You can use the link below to register into this workshop
-------------------------
For People Living In India:
Link: https://pages.razorpay.com/bepracticalWorkshop
--------------------------
For People Outside India:
Link:
https://pages.razorpay.com/bepracticalInternational
[Please make sure to Pay Using PayPal Only]
--------------------------
Last Date Of Registration: 15th July 2024
Looking forward to see you all in this workshop!!!
π11β€3
BePractical
Hi everyone, We are excited to announce the second batch for web reconnaissance workshop! If you are a beginner or someone who wants to upskill your recon game then this workshop is for you! Throughout these 7 days, we will explore various methods & techniquesβ¦
5 days left for registration!
π3π1