Bug bounty chat

26 Apr 2024 19:07

i try next time i will ask in russian also

Bug bounty chat

26 Apr 2024 19:04

i upload file with put method

Bug bounty chat

26 Apr 2024 18:14

/channel/boost/Bugbountygroup

Bug bounty chat

26 Apr 2024 12:52

hello write me on russian language and i maybe help u. Because my english is very bad and i don`t understood you

Bug bounty chat

26 Apr 2024 08:38

Yeah he is right.
Majority of PII goes to Medium unless you can use it to escalate more like if email is associated with anyone in the company and using that email you Bypass some admin or higher authority.
That's when it goes for critical or high!

Bug bounty chat

26 Apr 2024 00:56

Name and email addresses

Bug bounty chat

26 Apr 2024 00:44

Why would that be critical

Bug bounty chat

26 Apr 2024 00:33

Got a response that's it's actually a retool dummy data.
💔😣

Bug bounty chat

25 Apr 2024 19:12

its exutes its code also

Bug bounty chat

25 Apr 2024 17:42

Hi all, does anyone have an external peneteation testing checklist? If you have pls share it.

Bug bounty chat

25 Apr 2024 11:44

https://infosecwriteups.com/hack-stories-hacking-hackers-ep-3-11b1f0e002e8

Bug bounty chat

24 Apr 2024 07:32

https://book.cipherops.tech/bug-bounty-notes/readme/cipherops

Bug bounty chat

24 Apr 2024 06:01

You may report It but I'm 90% sure they will say the same!
And remaining 10% they might give you bounty or points or mark it as informative if it does not effect them.

Bug bounty chat

24 Apr 2024 05:42

Treat as urgent please 🙏

Bug bounty chat

23 Apr 2024 23:33

xss.is / exploit.in 😂
——
it's a joke btw

Bug bounty chat

26 Apr 2024 19:05

i change the method to put i can upload file i have to copy past binary down there

Bug bounty chat

26 Apr 2024 19:03

its fixed thanks for asking

Bug bounty chat

26 Apr 2024 18:11

do you mean that command is executed but no output?

Bug bounty chat

26 Apr 2024 10:05

Thanks for the clarification.
Unfortunately, the program staff sent a message after he Traiged it few hours after submission that the emails and usernames are dummy data by retool but he hasn't close the report.

Bug bounty chat

26 Apr 2024 06:24

That's a medium at best yeah

Bug bounty chat

26 Apr 2024 00:54

It was containing a lot of PII

Bug bounty chat

26 Apr 2024 00:33

The report is still open in Traiged state. What is likely to happen?

Bug bounty chat

25 Apr 2024 23:24

Can someone share methodology please

Bug bounty chat

25 Apr 2024 19:12

i can upload file to s3 for guest section to file like shell.php it worked but when trying to open it downloads the file directly

Bug bounty chat

25 Apr 2024 17:30

Rebyata, davaite uchit ruckiy yazik

Bug bounty chat

24 Apr 2024 10:45

Has anyone came across this?

Bug bounty chat

24 Apr 2024 06:26

You're right bro.
Thanks 😊

Bug bounty chat

24 Apr 2024 05:59

If you can then try to escalate it more because the company needs to know how knowing all these credentials can affect them.

Bug bounty chat

24 Apr 2024 05:33

Hello Hunters, I got NREUM loader account id, trustkey, agentid, license key and application id in a hardcoded source code. Should I report?

Bug bounty chat

23 Apr 2024 23:05

Yo does anyone know any bug bounty platforms that pay through crypto, I'm new to this