$100 Time Based Sql Injection Bug Bounty PoC
Рет қаралды 5,871
4 ай бұрынuhmm so here's a short context about the POC :
I was manually testing the site for blind SSRF and then burp bounty notifies me that it is vulnerable to time based sqli... :)
@lmfao69420 24 күн бұрын
$100 for SQL injection is criminal.
@phntmtrpe 18 күн бұрын
criminal? LMAO you don't know what bug bounty hunting really is?
@lmfao69420 12 күн бұрын
@@phntmtrpe you don't know what criminal means in this context. But it's #4 on the Merriam Webster dictionary: "disgraceful" the payout they gave you was disgracefully low for a critical bug.
@TuanNguyen-ve9xf 4 ай бұрын
When i use burp with https, all infor was hashed, can u tell me how to fix it 😬
@tusharhackseverything 4 ай бұрын
this program doesn't respond.. found multiple bugs in it
@landless-wind 4 ай бұрын
chelsy was here
@phntmtrpe 4 ай бұрын
hahaha Bai
@ayushmanngupta7027 2 ай бұрын
hey bro can you share your burpsuite pro link so that I can download your burpsuite
@ariadesupriyatna 2 ай бұрын
🎉
@FakerPK 4 ай бұрын
can you explain what this is about?
@randreu28 4 ай бұрын
As far as my understanding goes, it basically is a cybersecurity attack. It works by manipulating what the client machine (you as a user entering a website, for example) sends to the server machine ( the machine that controls the website) to execute commands in the database at will. In this particular case, a time based command execution of waiting for x time to respond.
@user-ds5md8dj8s 4 ай бұрын
bro how did you burp scan for vulnerabilities and notify you can you elaborate it. Thanks
@phntmtrpe 4 ай бұрын
I use burp bounty for fun
@Hackerone1444 4 ай бұрын
is sqli work on cookie side ?
@bambangsutrisna5006 3 ай бұрын
works
@Hackerone1444 3 ай бұрын
@@bambangsutrisna5006 any random cookies ? Example: will every session cookie side work ?
@abhinavbansal9396 4 ай бұрын
So they were putting cookie value in sql statement?
@phntmtrpe 4 ай бұрын
SQLi via cookie
@rifaelsitorus5211 3 ай бұрын
What burp extension do you use?
@phntmtrpe 3 ай бұрын
burp bounty
@_sl1de_ 4 ай бұрын
Why only 100 ?
@leo___333 4 ай бұрын
Because he is not exploited
@ederferreira3764 3 ай бұрын
What is your twitter? How do I contact you?
@phntmtrpe 3 ай бұрын
Facebook
Bug Bounty Reports Explained
Рет қаралды 21 М.
DonTheDeveloper
Рет қаралды 262 М.