Bug Bounty POC | XSS
Рет қаралды 2,251
3 ай бұрынDisclaimer: This video is for strictly educational and informational purpose only. I own all equipment used for this demonstration. Hacking without permission is illegal so always ensure you have proper authorization before using security tools in any network environment. thanks.
@RHYru9. 7 күн бұрын
Wah medan bang🎉
@mistDexploit 28 күн бұрын
keep going I like your Channel it's great
@rifaelsitorus5211 25 күн бұрын
Thanks!
@erroreboy19mask20 8 күн бұрын
nice, but how u know ,how u think , that after the error u need to login then try it again? And how it could happen only by writting administrator, then the error bypassed ? And why u wrote Administrator instead somthing else? Doese it work on every programms???
@rifaelsitorus5211 8 күн бұрын
I don't know what actually happened on the backend, but when I logged in with the username 'administrator' and a random password, I could access that last endpoint It doesn't work to another program
@erroreboy19mask20 8 күн бұрын
@@rifaelsitorus5211 nice , ilike to know how u think it could success, iam interested to know this iq haha
@kenjikakashi 18 күн бұрын
Can I ask how you managed to find or know endpoints on websites?
@martindinchev5363 17 күн бұрын
Dir bruteforce, burp scan, sometimes there is in js files, source code , documentation, etc.
@Hackerone1444 26 күн бұрын
No waf on that site ?
@rifaelsitorus5211 25 күн бұрын
there's Cloudflare on that site I bypassed with payload 2x encoding
@imamuddinalmustaqim8138 17 күн бұрын
Proses bypass dg otentikasinya, pdhl itu kyknya juga masuk bug broken authentication
@rifaelsitorus5211 17 күн бұрын
@@imamuddinalmustaqim8138 itu juga udah saya report bg, yah cuman ga ada impactnya bg soalnya saya ga bisa gunain fitur dashboardnya
@dheikudeden7933 15 күн бұрын
Kalo ga di encode gabisa kah bang?
@rifaelsitorus5211 15 күн бұрын
@@dheikudeden7933 ga bisa bg, ada WAF nya
@firzainsanudzaky3763 2 ай бұрын
itu bukannya bisa ambil cookies admin? tapi hadiahnya kok cuma $150 padahal udah sampe takeover
@rifaelsitorus5211 Ай бұрын
Mungkin kemarin saya jelasinnya kurang jelas kali yah
@imamuddinalmustaqim8138 17 күн бұрын
btw ini di platform hackerone kah?
BePractical
Рет қаралды 10 М.
$1500 bounty : authentication bypass + unauthenticated configurations access | POC | Bug Bounty 2024
Abhishek Morla
Рет қаралды 3,3 М.
HackShiv
Рет қаралды 16 М.
BePractical
Рет қаралды 4,4 М.