Bounty $3000 http request smuggling in twitter.com of  

EDUCATION HIVE
Subscribers: 1.5K
Views: 21K

If you found this video valuable, give it a like.
If you know someone who needs to see it, share it.
If you have questions ask below in comment section.
Add it to a playlist if you want to watch it later.
___________________________________________________________
Connect with us !
Contact email : ravitbughunter@gmail.com
RU-vid Channel: / @hack_the_web
Telegram Channel: t.me/Hack_The_Web
Company LinkedIn: / hack-the-we-b
Company Instagram: / hack_the_web_
___________________________________________________________
Keyword:
XSS (Cross-site scripting)
XXE
Brute Force
captcha Bypass
PoC (Proof of Concept)
tags:
bug bounty poc
http request smuggling
http request smuggling poc
hackerone bug bounty
poc bug bounty
xss poc
bug bounty for beginners
bug bounty live
idor vulnerability
live bug bounty hunting
bug bounty 2023
ssrf vulnerability
cron job
api pentesting
host header injection poc
dom based xss
idor vulnerability
idor poc
idor
http request smuggling
http request smuggling poc
http smuggling
#bugbounty #bug #bughunter #hackerone #hacking #poc #testing
#XSS #bugbountytips

Published: 27 Aug 2024

Comments: 35
@dexiios (10 months ago)
For those who ask what is the potential impact of this vuln: an attacker can inject a malicious HTTP request into the web server in order to bypass internal security controls. The point is that, most of the time, the web servers do not check for security measures in a smuggled HTTP request. In addition, some of the resources available on the web server are often not accessible outside of the web server itself. So performing a request like this can allow the attacker to gain access to protected resources such as admin panel etc.
@likingalllol (6 months ago)
thanks!
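The front-end/back-end disagreement that @dexiios describes above comes down to one thing: two HTTP parsers computing a different body length for the same bytes. The check below is an added example from the defender's side, not code from the video or the channel; it rejects request heads whose body length is ambiguous under RFC 7230 section 3.3.3 (Content-Length together with Transfer-Encoding, conflicting Content-Length values, obfuscated or non-final chunked codings, whitespace before the colon, bare LF line endings). The sample request heads are constructed for the demonstration, not captured traffic, and the `/submit` path is a placeholder.

```python
"""Reject HTTP/1.1 request heads whose body length is ambiguous (RFC 7230 s3.3.3).
Added example; the sample heads below are constructed, not captured traffic."""
import re
from typing import NamedTuple

# RFC 7230 "token" characters: a transfer-coding name must match this exactly.
_TOKEN = re.compile(r"^[!#$%&'*+\-.^_`|~0-9A-Za-z]+$")
_DIGITS = re.compile(r"^[0-9]+$")


class Verdict(NamedTuple):
    accept: bool
    reason: str


def _headers(raw: bytes) -> list[tuple[str, str]]:
    """Return (lower-cased name, value) pairs from a CRLF-delimited request head.
    Bare LF endings, a missing blank line, non-ASCII bytes and whitespace before
    the colon are all treated as malformed: lenient and strict parsers split such
    heads differently, which is exactly the condition smuggling needs."""
    head, sep, _body = raw.partition(b"\r\n\r\n")
    if not sep:
        raise ValueError("head not terminated by CRLF CRLF")
    if b"\n" in head.replace(b"\r\n", b""):
        raise ValueError("bare LF inside head")
    lines = head.split(b"\r\n")
    if len(lines[0].split(b" ")) != 3:
        raise ValueError("malformed request line")
    pairs = []
    for line in lines[1:]:
        name, colon, value = line.partition(b":")
        if not colon or not name or name != name.strip():
            raise ValueError(f"malformed header line: {line!r}")
        pairs.append((name.decode("ascii", "strict").lower(),
                      value.decode("ascii", "strict").strip()))
    return pairs


def check_framing(raw: bytes) -> Verdict:
    """Accept only when exactly one unambiguous body-length rule applies."""
    try:
        hdrs = _headers(raw)
    except ValueError as exc:
        return Verdict(False, f"malformed: {exc}")

    cl = [v for n, v in hdrs if n == "content-length"]
    te = [v for n, v in hdrs if n == "transfer-encoding"]

    if te and cl:
        # s3.3.3: Transfer-Encoding overrides, but the combination "ought to be
        # handled as an error"; a front-end that forwards it invites disagreement.
        return Verdict(False, "both Transfer-Encoding and Content-Length present")

    if te:
        # Flatten the comma-separated list; each coding must be a plain token and
        # "chunked" must be the final (and only) chunked coding.
        codings = [c.strip().lower() for v in te for c in v.split(",")]
        if any(not _TOKEN.match(c) for c in codings):
            return Verdict(False, "obfuscated Transfer-Encoding value")
        if codings[-1] != "chunked":
            return Verdict(False, "chunked is not the final transfer coding")
        if "chunked" in codings[:-1]:
            return Verdict(False, "chunked applied more than once")
        return Verdict(True, "chunked")

    if cl:
        # Repeated identical values are tolerated by the RFC; anything else is not.
        values = {v.strip() for raw_v in cl for v in raw_v.split(",")}
        if len(values) != 1:
            return Verdict(False, "conflicting Content-Length values")
        (value,) = values
        if not _DIGITS.match(value):
            return Verdict(False, "non-numeric Content-Length")
        return Verdict(True, f"content-length {int(value)}")

    return Verdict(True, "no body")


# Constructed sample heads (placeholder host and path, not real traffic).
_PREFIX = b"POST /submit HTTP/1.1\r\nHost: example.test\r\n"
CLEAN = _PREFIX + b"Content-Length: 11\r\n\r\nstatus=hello"
CL_TE = _PREFIX + b"Content-Length: 4\r\nTransfer-Encoding: chunked\r\n\r\n0\r\n\r\n"
OBFUSCATED_TE = _PREFIX + b"Transfer-Encoding: xchunked\r\n\r\n0\r\n\r\n"
SPACE_BEFORE_COLON = _PREFIX + b"Transfer-Encoding : chunked\r\n\r\n0\r\n\r\n"
DUP_CL = _PREFIX + b"Content-Length: 4\r\nContent-Length: 11\r\n\r\nstatus=hello"

if __name__ == "__main__":
    samples = [("clean", CLEAN), ("cl+te", CL_TE), ("xchunked", OBFUSCATED_TE),
               ("space-colon", SPACE_BEFORE_COLON), ("dup-cl", DUP_CL)]
    for label, req in samples:
        v = check_framing(req)
        print(f"{label:12} {'ACCEPT' if v.accept else 'REJECT'}: {v.reason}")
```

Run as a script it prints one verdict per sample; only the clean request is accepted. The useful deployment point is the front-end: a reverse proxy that applies this rule (or normalises every forwarded request to a single Content-Length) leaves the back-end nothing to disagree about, which is the mitigation the comment thread keeps asking about.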
@abdulx01 (1 year ago)
Nice catch... 👍
@shba9300 (1 year ago)
Dear, good find. Would like to know how you would convince them it's a vulnerability and what the impact is.
@joshuavega2193 (1 year ago)
Since the tweet is not made in another account, I guess that's why the bug got only 3k. If it had been a tweet in a different account, it would've gotten a higher bounty. Remember that this is not directly for vulnerabilities, but for bugs too. I guess that's why it's called "Bug Bounty" and not "Vulnerability Hunting".
@theworldofyuri3083 (1 year ago)
@joshuavega2193 nice reminder heheh
@oo7posam581 (1 year ago)
@joshuavega2193 He should have gone for SSRF through this... Server would have accepted the 1st request as original and yet answered the second request as valid.
@bharathkalyan3961 (1 year ago)
Great Finding
@youssefzero9059 (1 year ago)
❣❣
@electrowizard2658 (1 year ago)
There can be no effect from this; it's just you forwarding the tweet request with some changes.
@umarsjd7205 (1 month ago)
Actually it has. The person didn't show this, but what he was trying to depict is how vulnerable the security is. The person could insert a malicious request to weaken the security, which already is weak. Like he can insert JavaScript or injections to ask for passwords from the system because he already infiltrated it.
@vmvideos8482 (1 year ago)
Bro, how to install Burp Suite version 1.7.35?
@educationhive (1 year ago)
I will send it there; if I send it here, YT can strike.
@DreyTheVlogger (1 year ago)
Hello, what background music did you use? Thanks!
@AGNIHACKERS (1 year ago)
Bro, please share the reference report.
@educationhive (1 year ago)
OK, I will share it in the next video.
@AGNIHACKERS (1 year ago)
@educationhive bro, please mention this report link. I found the same model of vulnerability in another website.
@educationhive (1 year ago)
@AGNIHACKERS sure
@allandiego1446 (1 year ago)
Dear, good! But what is the real impact of this vulnerability?
@educationhive (1 year ago)
I will share, wait.
@allandiego1446 (1 year ago)
@educationhive Thanks! I am waiting for this haha 😁
@UCgqz30RWVkz5yowONnFrO4w (1 year ago)
Bro, can you explain what the impact is? Because you are tweeting another tweet from the same account. I am new to this vulnerability and many times I found this vuln but was not able to show impact, and no one will accept it without any serious impact. Pls explain the impact.
@educationhive (1 year ago)
I will explain here at night.
@the_sandman00 (1 year ago)
@educationhive is it night yet?
@newbiejember9854 (1 year ago)
@the_sandman00 xD
@user3549 (8 months ago)
Lol @newbiejember9854
@jondo-vh8tx (4 months ago)
@the_sandman00 😂😂😂😂😂😂😂😂😂😂 no dude, he will not explain and this is a waste of time
@AutomatizaTuTiempo (1 year ago)
hey that's not a vulnerability
@joshuavega2193 (1 year ago)
Since the tweet is not made in another account, I guess that's why the bug got only 3k. If it had been a tweet in a different account, it would've gotten a higher bounty. Remember that this is not directly for vulnerabilities, but for bugs too. I guess that's why it's called "Bug Bounty" and not "Vulnerability Hunting".
@AutomatizaTuTiempo (1 year ago)
@joshuavega2193 For simple mistakes you don't get rewards, plus the staff ignores it.
@brice2825 (1 year ago)
The request might be bypassing front-end server
@AL-dg3qd (1 year ago)
what tool do you use to find out if it's XSS?
@educationhive (1 year ago)
Smuggler
@AL-dg3qd (1 year ago)
@educationhive Is it safe or does it have a virus?
@educationhive (1 year ago)
safe