bugbountygroup | Unsorted

Telegram-канал bugbountygroup - Bug bounty chat

2114

Talk and help about bugbounty

Subscribe to a channel

Bug bounty chat

Is this a vulnerability?
Shall I report now?

Читать полностью…

Bug bounty chat

Bot or python automation?

Читать полностью…

Bug bounty chat

It's a recon framework with subdomain tracking, crawling, scanning, passive port scanning, etc

Читать полностью…

Bug bounty chat

Let's have a team to build bug finder software and participate in Bug bounty programs to make money.

Читать полностью…

Bug bounty chat

Anyone know full rat setup dm me fastt

Читать полностью…

Bug bounty chat

bug bounty ka course kisi ke pass hi

Читать полностью…

Bug bounty chat

You will need atleast 8 gb(bare minimum) of ram,storage depends on how you manage but I'd say 512gb, as long as you can do virtualization it would be fine I guess

Читать полностью…

Bug bounty chat

It's not this issue.

Читать полностью…

Bug bounty chat

Guys any one help me I need a bugcrowd username I will add a collaboration any one help me report

Читать полностью…

Bug bounty chat

They have a policy for only veiw wallets so ur basically not reporting anything

Читать полностью…

Bug bounty chat

I have found critical sensitive information on Trust wallet GitHub,
I tried it normal what's your advice I wanna tell them,
Because I have found more than 5 active wallets phrase.

Читать полностью…

Bug bounty chat

THM vouchers are available dm if anyone needs it 🙋

Читать полностью…

Bug bounty chat

Good afternoon, everyone. This is the situation: 100% there is a vulnerability in the web application, associated with improper processing of media content, which leads to the possibility of writing to an arbitrary file. The application accepts images, video files and audio files. The processing is done using `ImageMagick (convert)'.
I figured out a little bit what and how. The application converts `GIF` files to mp4 while saving the first frame (as in the case of mp4 for the cover, to png and then processes ImageMagick-om). When processing mp3 files, it pulls out the cover if available, and also processes ImageMagick-om. Manipulations with video files and GIFs are performed using ffmpeg-a
The first thought that arises is the use of GhostScript configured files to write arbitrary files. It is not possible to download ps,xps, etc. files directly by changing the extension, because the application checks the content type.
The second thought is to pour the GhostScript file into the cover of the mp3 file, which I did, but when pulling it out, ffmpeg gives an error, as well as when trying to add an incorrect frame to the GIF with GhostScript.
Yes, and policy.xml may well be patched where GhostScript files are prohibited, so this is just a guess.

The main question is which way to look, maybe someone has encountered vulnerabilities in the processing of similar media files. And is it worth continuing to dig towards ImageMagick?? Or look for a Vulnerability elsewhere. The patch for the vulnerability of this product, among other things, prohibits the guest script in imagemagick, so I looked there right away.
Anyway, thanks for any advice or thoughts, because I don't know where to go anymore =))

Читать полностью…

Bug bounty chat

/channel/blum/app?startapp=ref_qvdPRfJwjz

Читать полностью…

Bug bounty chat

Hacker discord https://discord.gg/T47v67eVT4

Читать полностью…

Bug bounty chat

Bro koi cloud use karta hai kya like AWS for bug bountey

Читать полностью…

Bug bounty chat

I am getting gigs of data every day

Читать полностью…

Bug bounty chat

I scan all bounty programs

Читать полностью…

Bug bounty chat

Just released a new bug bounty writeups . Have a read.

https://vijetareigns.medium.com/unauthenticated-api-endpoint-to-create-support-ticket-worth-500-789e91ad9a00

Читать полностью…

Bug bounty chat

Bhai koi fida nhi
Tu try ker course ne le or youtube se padh
Tujhe course ek bar mill jye ge or milte he rahe ge fir tu ek bhe nhi dekha ge I wasted 4 Year essi after I realised then I got job after my hard work

Читать полностью…

Bug bounty chat

Now things can vary as per your budget

Читать полностью…

Bug bounty chat

I need advice on how to get a laptop for pentesting, it should be cheap, but I need good quality

Читать полностью…

Bug bounty chat

i need a course on bug bounty i need a full course from finding errors to how to contact the administrator

Читать полностью…

Bug bounty chat

These are called rigged wallets, so these wallets can use the blockchain but flagged so already reported

Читать полностью…

Bug bounty chat

Yeah don't worry their all honeypots don't waste your time either it's a only view wallet, means u can veiw not send or exchange or swap

Or second honeypot is where you have to add tron for you exchange or Transfer which is also a scam

Читать полностью…

Bug bounty chat

Hello i need collab at hunting dm me

Читать полностью…

Bug bounty chat

Good day to all. Question about media forms. Is it possible, or has anyone tried to create such a video file: ; The first or several frames should not be images, PlainText files, respectively, it is also necessary to make the ffmpeg utility throw this file away normally when it is called to dump the 1st frame.
The formats are as follows: video/webm video/mp4 video/quicktime video/ogg I found that quicktime can save uncompressed data, but the search did not lead to anything, and if you need to look here, then I will dig deeper, now the main thing is to decide on the form.
Or another option, audio in mp3 format, is it possible to correctly upload the cover here, while in the video of a text file, and so that ffmpeg also throws out this cover from it. Thank you!

Читать полностью…

Bug bounty chat

/channel/blum/app?startapp=ref_VQDOEKrg5W

Читать полностью…

Bug bounty chat

Login Email Verification Bypass via /oauth/token
https://www.agdepe.xyz/2024/09/login-email-verification-bypass-via.html

Читать полностью…

Bug bounty chat

Deposit not complete

Читать полностью…
Subscribe to a channel