If you're new to bug bounty, you should not learn recon.
π12β€2
Recently found a SAML vulnerability, any website that allows users to configure SAML also takes a x509 certificate as input there will be an implicit trust between IDP and SP. (You can easily perform an account takeover via using your own x509 cert, Signed saml response with the victim's email)
π₯5
Also SAML can be used for session hijacking/login csrf
- User is entering his credit card details while attacker's site is open
- Attacker swaps the session using SAML session hijacking and now card details will be saved in attacker's account
- User is entering his credit card details while attacker's site is open
- Attacker swaps the session using SAML session hijacking and now card details will be saved in attacker's account
π₯4β€1
Brut Security pinned Β«π₯ Join Our Bugbounty Discussion Group π₯ π₯ https://t.iss.one/brutsecπ₯ π€ https://discord.gg/GZBsQMY6π€ Β»
Please open Telegram to view this post
VIEW IN TELEGRAM
Telegram
Discussion
Community Discussion
β€2π2
β‘ FFUF Web Parser is a web-based tool built using React and Node.js that allows users to upload FFUF JSON files, apply a variety of filters, and export the filtered results to an Excel file. The tool supports filtering based on status codes, response data, lines, length, and URLs (including regex filtering). It also provides the ability to view, manipulate, and extract valuable information from FFUF fuzzing results.
πhttps://github.com/VikzSharma/ffufwebparser
πhttps://github.com/VikzSharma/ffufwebparser
π6β€2
CVE-2024-37288, -37285: RCE in Kibana, 9.9 rating π₯π₯π₯
By improperly deserializing YAML, attackers can perform RCE. The attack is quite complex, but Elastic still recommends updating.
Search at Netlas.io:
π Link: https://nt.ls/cVF9O
π Dork: http.favicon.hash_sha256:30db4185530d8617e9f08858787a24b219ac5102321b48515baf5da7ac43b590
Read more: https://securityonline.info/critical-kibana-flaws-cve-2024-37288-cve-2024-37285-expose-systems-to-arbitrary-code-execution/
By improperly deserializing YAML, attackers can perform RCE. The attack is quite complex, but Elastic still recommends updating.
Search at Netlas.io:
π Link: https://nt.ls/cVF9O
π Dork: http.favicon.hash_sha256:30db4185530d8617e9f08858787a24b219ac5102321b48515baf5da7ac43b590
Read more: https://securityonline.info/critical-kibana-flaws-cve-2024-37288-cve-2024-37285-expose-systems-to-arbitrary-code-execution/
π3β€1
CVE-2024-29847 and other: Multiple vulns in Ivanti EPM, 4.3 - 10.0 rating π₯π₯π₯
Numerous vulnerabilities in Ivanti. Includes, but is not limited to, RCE with the highest severity score!
Search at Netlas.io:
π Link: https://nt.ls/pHqay
π Dork: http.headers.set_cookie:("JSESSIONID" "Path" "/mifs")
Vendor's advisory: https://forums.ivanti.com/s/article/Security-Advisory-EPM-September-2024-for-EPM-2024-and-EPM-2022?language=en_US
Numerous vulnerabilities in Ivanti. Includes, but is not limited to, RCE with the highest severity score!
Search at Netlas.io:
π Link: https://nt.ls/pHqay
π Dork: http.headers.set_cookie:("JSESSIONID" "Path" "/mifs")
Vendor's advisory: https://forums.ivanti.com/s/article/Security-Advisory-EPM-September-2024-for-EPM-2024-and-EPM-2022?language=en_US
π2β€1
Add to your wordlist:
auth/jwt/register
auth-demo/register/classic
auth-demo/register/modern
auth/jwt/register
auth-demo/register/classic
auth-demo/register/modern
π₯3β€1
Please open Telegram to view this post
VIEW IN TELEGRAM
π₯10π1
Forwarded from Netlas.io
Reminder: The update begins in one hour. Netlas will be temporarily offline. We apologize for any inconvenience caused.
Please open Telegram to view this post
VIEW IN TELEGRAM
Discord
Join the Brut Security Discord Server!
Check out the Brut Security community on Discord - hang out with 285 other members and enjoy free voice and text chat.
β€3