POC - CRLF Injection at *.lenovo.com - Bugcrowd | mufazmi

Поделиться
HTML-код
  • Опубликовано: 14 окт 2024
  • I'm Umair Farooqui, a passionate software engineer and security researcher dedicated to uncovering vulnerabilities in systems worldwide. With a strong background in ethical hacking, I delve into the intricacies of cybersecurity to safeguard digital infrastructures.
    🔍 Hacking Experience:
    I specialize in discovering and responsibly disclosing critical security issues. My portfolio includes successful hacks and disclosures impacting renowned organizations such as NASA and Paytm, earning recognition and appreciation for enhancing their security postures.
    🎥 RUclips Channel:
    On my RUclips channel, I share Proof of Concept (PoC) videos where I demonstrate how vulnerabilities were identified and exploited. Each video provides insights into the techniques used and the impact on security.
    🌐 Connect with Me:
    GitHub: github.com/muf...
    Instagram: / mufazmi
    Twitter: / mufazmi
    HackerOne: hackerone.com/...
    Bugcrowd: bugcrowd.com/m...
    Google Search: www.google.com...
    Google Search: www.google.com...
    📱 Contact Me:
    WhatsApp: +91 9867503256
    Note: All content shared on this channel is for educational purposes only.
    🔗 Hashtags:
    #mufazmi #umairfarooqui #ethicalhacking #cybersecurity #infosec #bugbounty #securityresearch #hacker #bughunter #websecurity #pentesting #vulnerability #exploit #securityawareness #tech #coding #opensource #privacy #datasecurity #cybercrime #networksecurity #cyberattack #digitalforensics #blockchainsecurity #iotsecurity #appsec #cloudsecurity #redteam #blueteam #hackerinmumbra #mumbra #mumbrahacker #hackerkausa #mumbrahacker #itpm #hackerinsaraimeer #saraimeerhacker #saraimeer
    Join me in exploring the world of cybersecurity, one vulnerability at a time! Let's secure the digital landscape together. 💻🛡️

Комментарии • 7

  • @gowtham8774
    @gowtham8774 3 месяца назад +1

    Bro, How did you know the title param is vulnerable to CRLF injection?

    • @mayaprotocol8106
      @mayaprotocol8106 3 месяца назад

      yes??

    • @mufazmi
      @mufazmi  3 месяца назад

      Via find and replace functionality of Burp Suite.

    • @gowtham8774
      @gowtham8774 3 месяца назад

      ​@@mufazmi Can you please share your methodology Via find and replace to get CRLF injection?

  • @RHYru9.
    @RHYru9. 3 месяца назад +1

    Did you get the bounty?

    • @mufazmi
      @mufazmi  3 месяца назад +1

      @@RHYru9. Unfortunately no, it's got duplicate.

    • @RHYru9.
      @RHYru9. 3 месяца назад

      @@mufazmi Bro, do you have Telegram or anything to study together?

Следующие
Автовоспроизведение
how is this hacking tool legal?11:42how is this hacking tool legal?
how is this hacking tool legal?Low Level
Просмотров 256 тыс.
The Unreasonable Effectiveness of Linux Workstations12:47The Unreasonable Effectiveness of Linux Workstations
The Unreasonable Effectiveness of Linux WorkstationsNo Boilerplate
Просмотров 625 тыс.
We hacked Rabbit R1 and found THIS10:31We hacked Rabbit R1 and found THIS
We hacked Rabbit R1 and found THISCyberNews
Просмотров 94 тыс.
England 1-2 Greece | Three Lions Defeated At Wembley | UEFA Nations League Highlights03:04England 1-2 Greece | Three Lions Defeated At Wembley | UEFA Nations League Highlights
England 1-2 Greece | Three Lions Defeated At Wembley | UEFA Nations League HighlightsEngland
Просмотров 1,7 млн
Blastoff! SpaceX Starship launches on 5th flight, nails 'chopsticks' booster catch!10:21Blastoff! SpaceX Starship launches on 5th flight, nails 'chopsticks' booster catch!
Blastoff! SpaceX Starship launches on 5th flight, nails 'chopsticks' booster catch!VideoFromSpace
Просмотров 1,5 млн
Dax - "Lonely Dirt Road" (Official Music Video)04:07Dax - "Lonely Dirt Road" (Official Music Video)
Dax - "Lonely Dirt Road" (Official Music Video)Dax
Просмотров 1 млн
SEVENTEEN (세븐틴) 'LOVE, MONEY, FAME (feat. DJ Khaled)' Official MV03:35SEVENTEEN (세븐틴) 'LOVE, MONEY, FAME (feat. DJ Khaled)' Official MV
SEVENTEEN (세븐틴) 'LOVE, MONEY, FAME (feat. DJ Khaled)' Official MVHYBE LABELS
Просмотров 13 млн
Where People Go When They Want to Hack You34:40Where People Go When They Want to Hack You
Where People Go When They Want to Hack YouCyberNews
Просмотров 2 млн
Unfixed Reflected XSS at ekm.com | Bypass Cloudflare WAF | LIVE 🔴 | #mufazmi | POC7:42Unfixed Reflected XSS at ekm.com | Bypass Cloudflare WAF | LIVE 🔴 | #mufazmi | POC
Unfixed Reflected XSS at ekm.com | Bypass Cloudflare WAF | LIVE 🔴 | #mufazmi | POCmufazmi
Просмотров 2,4 тыс.
I Played HackTheBox For 30 Days - Here's What I Learned10:23I Played HackTheBox For 30 Days - Here's What I Learned
I Played HackTheBox For 30 Days - Here's What I LearnedGrant Collins
Просмотров 432 тыс.
My $20,000 S3 bug that leaked everyone’s attachments - S3 bucket misconfig of pre-signed URLs9:53My $20,000 S3 bug that leaked everyone’s attachments - S3 bucket misconfig of pre-signed URLs
My $20,000 S3 bug that leaked everyone’s attachments - S3 bucket misconfig of pre-signed URLsBug Bounty Reports Explained
Просмотров 24 тыс.
Does Cybersecurity Require Programming?10:37Does Cybersecurity Require Programming?
Does Cybersecurity Require Programming?NahamSec
Просмотров 17 тыс.
I used AI to hack this website...23:23I used AI to hack this website...
I used AI to hack this website...Tech Raj
Просмотров 91 тыс.
Pentesting vs. Bug Bounty vs. Pentesting ???9:08Pentesting vs. Bug Bounty vs. Pentesting ???
Pentesting vs. Bug Bounty vs. Pentesting ???LiveOverflow
Просмотров 83 тыс.
How do hackers hide themselves? - staying anonymous online11:55How do hackers hide themselves? - staying anonymous online
How do hackers hide themselves? - staying anonymous onlineGrant Collins
Просмотров 1,4 млн
How One Line of Code Almost Blew Up the Internet13:47How One Line of Code Almost Blew Up the Internet
How One Line of Code Almost Blew Up the InternetKevin Fang
Просмотров 2 млн
Грехо Обзор Дэдпул и Росомаха (от Кинокоса)28:36Грехо Обзор Дэдпул и Росомаха (от Кинокоса)
Грехо Обзор Дэдпул и Росомаха (от Кинокоса)KINOKOS
Просмотров 357 тыс.
REAL 3D brush can draw grass Life Hack #shorts #lifehacks00:42REAL 3D brush can draw grass Life Hack #shorts #lifehacks
REAL 3D brush can draw grass Life Hack #shorts #lifehacksMrMaximus
Просмотров 7 млн
Такая совместимость может стать лучшей00:33Такая совместимость может стать лучшей
Такая совместимость может стать лучшейКАПУСТИН
Просмотров 65 тыс.
🤣 Владельцы Феррари и Ламборгини не ожидали ТАКОГО от старого Мерседеса! | Новостничок00:21🤣 Владельцы Феррари и Ламборгини не ожидали ТАКОГО от старого Мерседеса! | Новостничок
🤣 Владельцы Феррари и Ламборгини не ожидали ТАКОГО от старого Мерседеса! | НовостничокНОВОСТНИЧОК
Просмотров 1,3 млн
Lp. Сердце Вселенной #29 БИТВА ЗА ГОРОД [Начало Атаки] • Майнкрафт29:35Lp. Сердце Вселенной #29 БИТВА ЗА ГОРОД [Начало Атаки] • Майнкрафт
Lp. Сердце Вселенной #29 БИТВА ЗА ГОРОД [Начало Атаки] • МайнкрафтMrLololoshka (Роман Фильченков)
Просмотров 899 тыс.
استمتعي بحمل خالٍ من التوتر بهذه الحيل الأساسية 🐣00:57استمتعي بحمل خالٍ من التوتر بهذه الحيل الأساسية 🐣
استمتعي بحمل خالٍ من التوتر بهذه الحيل الأساسية 🐣حرف إبداعية للمنزل في 5 دقائق
Просмотров 27 млн
Я КУПИЛ СТРАННУЮ ЕДУ на АВИТО! Егорик ест ДУБАЙСКИЙ ШОКОЛАД!16:26Я КУПИЛ СТРАННУЮ ЕДУ на АВИТО! Егорик ест ДУБАЙСКИЙ ШОКОЛАД!
Я КУПИЛ СТРАННУЮ ЕДУ на АВИТО! Егорик ест ДУБАЙСКИЙ ШОКОЛАД!Супер Стас
Просмотров 269 тыс.
SHIN SONIC x TAILS SO BABY Cute story?! (The Sonic Tapes Animation)01:00SHIN SONIC x TAILS SO BABY Cute story?! (The Sonic Tapes Animation)
SHIN SONIC x TAILS SO BABY Cute story?! (The Sonic Tapes Animation)AM Animation
Просмотров 907 тыс.