Information Security

Malicious Command Execution via bash-completion (CVE-2018-7738)

https://blog.grimm-co.com/post/malicious-command-execution-via-bash-completion-cve-2018-7738/

#linux
#bash
#exploit

@sec_nerd_en

46 views18:00

Forwarded from امنیت اطلاعات

Simple bash script to take screenshots

#!/bin/bash
file="/path/urls.txt"
while IFS= read line
do
echo "$line"
firefox -screenshot "$line".png "$line"
&>/dev/null
done < "$file"

#linux
#bash
#terminal

@sec_nerd

10 views19:51

Information Security

Return a list of endpoints from a swagger.json.
Pass them to your fuzzer(s), +profit?

curl -s hxxps://petstore.swagger.io/v2/swagger.json | jq '.paths | keys[]'

#bugbounty #bugbountytips #redteam #security #oneliner #bash

106 views18:46

Information Security

https://twitter.com/_Bugbountytips_/status/1393483510556545024?s=20

Twitter

BugBountyTips.tech

How to Find Secret token , apikey, etc in js files & source code using bash (xkeys) | recon youtube.com/watch?v=_7EM7f… #bugbounty #recon #bash #bugbountytips The post How to Find Secret token , apikey, etc in js files & source code using bash (xke… appeared…

230 views16:27

About

Blog

Apps

Platform