imgur.com Bug Bounty PoC | Blind SSRF

Поделиться
HTML-код
  • Опубликовано: 26 ноя 2024

Комментарии • 33

  • @asterfiester
    @asterfiester 3 года назад +9

    Its not ssrf bro... Its just an intraction with external services.. You need to scan internal things like.. Xspa.. Or internal files.. Or something...👋

  • @tommysuriel
    @tommysuriel 4 года назад +2

    So I'm kind of new to SSRF. Basically, you made the file upload to your server from imgur. So what exactly is the impact here? how would a real attacker do something bad with this?

  • @skwtf
    @skwtf 4 года назад +2

    I've found a similar vuln in another website. I understand that this proves an SSRF, but shouldn't we try and add some impact?
    Sure it's making a request to your server, but what can you do afterwards to harm the website?

    • @phhitachi
      @phhitachi  4 года назад +3

      this video only detect the blind ssrf this leads to another steps to verify like port scan etc

  • @TGOXChannel
    @TGOXChannel 4 года назад +1

    Lol. It's not a fucking bug. It's working as expected.
    If you get response from server , it's doesn't Means SSRF. You need to get internal service.

  • @MarwinS.
    @MarwinS. 4 года назад

    Support lodicakes!

  • @raymondsabee
    @raymondsabee 4 года назад

    Awesome, keep up the good work!

  • @techlearner3270
    @techlearner3270 4 года назад

    what is the name of your video recording tool ???

  • @jaysonmupla919
    @jaysonmupla919 4 года назад

    Paps saan ka naghahanap ng mga ganito? Paturo naman gusto ko rin magreseach.

  • @phatatly5066
    @phatatly5066 4 года назад

    Can u share how to exploit this bug?

  • @faizannehal1
    @faizannehal1 4 года назад

    Please provide us some good resources where we can learn blind ssrf

  • @spotall2673
    @spotall2673 4 года назад

    your burp shows as professional but there are no scanner and spider?????????

    • @phhitachi
      @phhitachi  4 года назад

      its crack bro

    • @兽Arufisu
      @兽Arufisu 4 года назад

      @@phhitachi how you get a crack.? Tell me pwease

    • @phhitachi
      @phhitachi  4 года назад

      @@兽Arufisu on youtube its a lot of video in youtube

  • @tradellionairefxtradetheri1256
    @tradellionairefxtradetheri1256 4 года назад

    where can i contact u bro

    • @phhitachi
      @phhitachi  4 года назад +1

      may email :ph.hitachi@gmail.com

    • @tradellionairefxtradetheri1256
      @tradellionairefxtradetheri1256 4 года назад

      @@phhitachi sent you an email just now. please check your email. thanks for your fast respond anyway my buddy.

  • @minomet-c7i
    @minomet-c7i 4 года назад

    ssrf to rce bro

  • @NinjaTech1337
    @NinjaTech1337 4 года назад

    Bounty?

    • @phhitachi
      @phhitachi  4 года назад +2

      as always its a duplicate

    • @dkkdkdkddkdkdk5810
      @dkkdkdkddkdkdk5810 4 года назад

      @@phhitachi what do you mean ?

    • @兽Arufisu
      @兽Arufisu 4 года назад

      @@dkkdkdkddkdkdk5810 no rewards, as someone also did it before

    • @兽Arufisu
      @兽Arufisu 4 года назад

      Aka didnt fixed

  • @omerfarooqdemir9907
    @omerfarooqdemir9907 4 года назад +1

    Do you have any bounty?

Следующие
Автовоспроизведение
Server-Side Request Forgery (SSRF) Explained15:58Server-Side Request Forgery (SSRF) Explained
Server-Side Request Forgery (SSRF) ExplainedNahamSec
Просмотров 29 тыс.
SSRF Bypass by DNS Rebinding worth 2000$ | Bug bounty poc15:37SSRF Bypass by DNS Rebinding worth 2000$ | Bug bounty poc
SSRF Bypass by DNS Rebinding worth 2000$ | Bug bounty pocWebWonders
Просмотров 3,2 тыс.
Find and Exploit Server-Side Request Forgery (SSRF)8:56Find and Exploit Server-Side Request Forgery (SSRF)
Find and Exploit Server-Side Request Forgery (SSRF)The Cyber Mentor
Просмотров 43 тыс.
Why The US is Struggling to Return to the Moon19:55Why The US is Struggling to Return to the Moon
Why The US is Struggling to Return to the MoonReal Engineering
Просмотров 563 тыс.
Squid Game: Season 2 | Official Trailer | Netflix01:47Squid Game: Season 2 | Official Trailer | Netflix
Squid Game: Season 2 | Official Trailer | NetflixNetflix
Просмотров 2,8 млн
Season 1 Reveal, Gameplay Preview & Ranked Resets | Dev Update - League of Legends15:11Season 1 Reveal, Gameplay Preview & Ranked Resets | Dev Update - League of Legends
Season 1 Reveal, Gameplay Preview & Ranked Resets | Dev Update - League of LegendsLeague of Legends
Просмотров 905 тыс.
Kendrick Perkins CALLS OUT Jamal Murray to HELP OUT Jokic! 😤 Concerns in Denver?! 👀 | First Take10:46Kendrick Perkins CALLS OUT Jamal Murray to HELP OUT Jokic! 😤 Concerns in Denver?! 👀 | First Take
Kendrick Perkins CALLS OUT Jamal Murray to HELP OUT Jokic! 😤 Concerns in Denver?! 👀 | First TakeNBA on ESPN
Просмотров 321 тыс.
Paypal - Live bug bounty hunting on Hackerone | Live Recon | part 234:52Paypal - Live bug bounty hunting on Hackerone | Live Recon | part 2
Paypal - Live bug bounty hunting on Hackerone | Live Recon | part 2The Cyberboy
Просмотров 405 тыс.
What functionalities are vulnerable to SSRFs? Case study of 124 bug bounty reports19:58What functionalities are vulnerable to SSRFs? Case study of 124 bug bounty reports
What functionalities are vulnerable to SSRFs? Case study of 124 bug bounty reportsBug Bounty Reports Explained
Просмотров 16 тыс.
SQLi + LFI to RCE using Malicious Image Upload (POST)14:36SQLi + LFI to RCE using Malicious Image Upload (POST)
SQLi + LFI to RCE using Malicious Image Upload (POST)ph hitachi
Просмотров 4,5 тыс.
Top 10 Hacking Tools In Kali Linux You Must Know.7:31Top 10 Hacking Tools In Kali Linux You Must Know.
Top 10 Hacking Tools In Kali Linux You Must Know.Zilox
Просмотров 572 тыс.
Access Location, Camera & Mic of any Device 🌎🎤📍📷15:48Access Location, Camera & Mic of any Device 🌎🎤📍📷
Access Location, Camera & Mic of any Device 🌎🎤📍📷zSecurity
Просмотров 2,6 млн
This is my coolest bug bounty report (SSRF ➡ Phishing)10:05This is my coolest bug bounty report (SSRF ➡ Phishing)
This is my coolest bug bounty report (SSRF ➡ Phishing)Bug Bounty Reports Explained
Просмотров 8 тыс.
How I found the $1,500 SSRF in Stripe bug bounty program9:09How I found the $1,500 SSRF in Stripe bug bounty program
How I found the $1,500 SSRF in Stripe bug bounty programBug Bounty Reports Explained
Просмотров 11 тыс.
How to Approach Bug Bounty Target for beginner | Netflix.com on Hackerone | Recon part-119:10How to Approach Bug Bounty Target for beginner | Netflix.com on Hackerone | Recon part-1
How to Approach Bug Bounty Target for beginner | Netflix.com on Hackerone | Recon part-1The Cyberboy
Просмотров 151 тыс.
Bug Bounty | $2000 for SSRF bypass using DNS rebinding12:47Bug Bounty | $2000 for SSRF bypass using DNS rebinding
Bug Bounty | $2000 for SSRF bypass using DNS rebindingLeet Cipher
Просмотров 38 тыс.
СМЕРТЕЛЬНАЯ РУЛЕТКА 2 🔫🔫| WICSUR #shorts01:00СМЕРТЕЛЬНАЯ РУЛЕТКА 2 🔫🔫| WICSUR #shorts
СМЕРТЕЛЬНАЯ РУЛЕТКА 2 🔫🔫| WICSUR #shortsБискас
Просмотров 432 тыс.
Да будет LED! Балацко унижен, Олег страдает, Толя счастлив!1:46:02Да будет LED! Балацко унижен, Олег страдает, Толя счастлив!
Да будет LED! Балацко унижен, Олег страдает, Толя счастлив!Команда АП
Просмотров 347 тыс.
Ленинград - Ёж (сниппет)00:38Ленинград — Ёж (сниппет)
Ленинград - Ёж (сниппет)Ленинград
Просмотров 29 тыс.
Китайка и Голодный Шрек😂😆00:20Китайка и Голодный Шрек😂😆
Китайка и Голодный Шрек😂😆KITAYKA
Просмотров 129 тыс.
Акаб VS Лев против-СУПЕРБОЙ! Спартак VS ЦСКА-Дерби. Седокова + Коваленко. ГЛУШНЯК. Торнике VS Бобур1:45:02Акаб VS Лев против—СУПЕРБОЙ! Спартак VS ЦСКА—Дерби. Седокова + Коваленко. ГЛУШНЯК. Торнике VS Бобур
Акаб VS Лев против-СУПЕРБОЙ! Спартак VS ЦСКА-Дерби. Седокова + Коваленко. ГЛУШНЯК. Торнике VS БобурHardcore Fighting Championship
Просмотров 798 тыс.
КОТЯТА НА АМЕРИКАНСКИХ ГОРКАХ #cat00:15КОТЯТА НА АМЕРИКАНСКИХ ГОРКАХ #cat
КОТЯТА НА АМЕРИКАНСКИХ ГОРКАХ #catЛайки Like
Просмотров 584 тыс.
Stray Kids "合 (HOP)" UNVEIL : TRACK "Unfair (필릭스)"00:40Stray Kids "合 (HOP)" UNVEIL : TRACK "Unfair (필릭스)"
Stray Kids "合 (HOP)" UNVEIL : TRACK "Unfair (필릭스)"JYP Entertainment
Просмотров 303 тыс.
Magic trick 🪄😁00:15Magic trick 🪄😁
Magic trick 🪄😁Andrey Grechka
Просмотров 6 млн