That's a great find. Now I will be extra suspicious whenever I see a multipart form.
With cracked Burp Suite xD
Nice job!
It's open source, you analyze from source code, right? That's great actually! Keep it up.
Can you pls send the payload file to me?
Dm at my social handles
why you add
------------------------------------611111191919101010
that line again in request before php code? explain me bro
and how you exact path themes/huraga/assets ?
ruclips.net/channel/UC9IAh1JN4lhSVz193GvZVZgjoin join
This is all unique stuff I have not been seeing anywhere. Thanks for sharing. Please also share writeups if available.
crazy job!
Do they pay bounty right now?
No
@abhishekmorla1 ah, I found 1 RCE too :/
Awesome! Wouldn't have thought to try that, great find!
where did you learn to add data like this? is there a video covering this for me to learn from?
These techniques are not generally used in the wild, I will keep on uploading such techniques 😉
@abhishekmorla1 Is there a Discord or Telegram group for sharing pentester knowledge?
@yasaya9139 If you found any then share with me plz ❤
Solve CTF challenges and vulnerability labs and read books like Web Hacking 101
Burp professional crack please
join the channel ruclips.net/channel/UC9IAh1JN4lhSVz193GvZVZgjoin
Show us your HackerOne or Bugcrowd payments. Don't believe you got paid 15k for this
bugcrowd.com/abhishekmorla
Great content, I just learned a new method 😊
Nice
Can you share the source code of the vulnerable script of this bug please
Join the channel ruclips.net/channel/UC9IAh1JN4lhSVz193GvZVZgjoin
How does this happen?? This 'name' directive should contain the field name, not the filename. The 'filename' directive should contain the file name.
Join The Channel
ruclips.net/channel/UC9IAh1JN4lhSVz193GvZVZgjoin
Hi, is there a bug bounty program for fossbilling or the target uses it on their domains?
Target uses
Nais
what was that filename:attacker.php ???
btw Crazyyyy Video..!
rce.php
Just tell me why you enter /assets
join the channel ruclips.net/channel/UC9IAh1JN4lhSVz193GvZVZgjoin
brother can you suggest how do you know the file uploaded path??
Source code
click on that image/file => open in new tab
How did you connect it with docker
Through documentation
Does this work on FOSSBilling or elsewhere also?
Maybe
Brother, could I get the payloads you have??? And where did you get them from? Made them yourself?
From Exploit-DB
this is a mad one
How do you know it's stored in the asset directory? If it's not available for local environment testing, how do you know that?
It's open source
you see where it will be uploaded
That's amazing 😍
How to find where is file gone after upload?
Using source code
click on that image/file => open in new tab
where can i contact you to get the payload file please ?
very good job bro !!!!!!
How about discord?
@abhishekmorla1 I send you DM on Insta if you don't mind, I don't use Discord
@abhishekmorla1 pls give me your Discord tagname
awesome
Brother, how did you figure out here where the path is for the file you created and uploaded yourself ....?
you can join to learn more
ruclips.net/channel/UC9IAh1JN4lhSVz193GvZVZgjoin
Yes but this is a demo you run locally
what else do you expect for open source project ?
why do you say then 15.000$ bounty if it is a demo
It's not a demo, it's a PoC bro
can i get your discord pls ?
Perhaps you can join the channel ruclips.net/channel/UC9IAh1JN4lhSVz193GvZVZgjoin
nice find
Ik