How to Find XmlRpc Vulnerability and Exploit it ! | Bug bounty poc

  • Published: Nov 1, 2023
  • In this video I am going to show you how to find the WordPress xmlrpc vulnerability and how to exploit it.
    This video is for educational purposes only.
    #xmlrpc #bugbounty
    Disclaimer: This video is strictly for educational and informational purposes only. I own all equipment used for this demonstration. Hacking without permission is illegal, so always ensure you have proper authorization before using security tools in any network environment. Thanks.

Comments • 39

  • @points7824 6 months ago +2

    Fun fact: xmlrpc is a faster way to brute-force user accounts, and tools such as wpscan use it by default if possible to speed things up.

    • @lostsecc 6 months ago +2

      Yes, you can send unlimited data in one single request, like 1000+ passwords in just one request; that's why it's so powerful.

  • @Mohammed_TURKI66 1 month ago +1

    I learned a lot from you, thanks

    • @lostsecc 1 month ago

      my pleasure ❤️😇

  • @tpevers1048 1 month ago +1

    Bro, is this an XXE vulnerability, and where do you get these payloads?

  • @user-nq2cq5fl4q 6 months ago

    Dude that's amazing!
    learned very much from this channel alone.
    thx

    • @lostsecc 6 months ago

      ❤️😇 Thanks for supporting, more advanced practicals coming soon.

  • @moviesupdates99 1 month ago

    Brother, I filed a report, but they are saying that it will not be accepted and marked as not applicable. When I checked, they had fixed it. Please help me.

    • @lostsecc 1 month ago

      xmlrpc is nowadays out of scope

    • @moviesupdates99 1 month ago

      @lostsecc thanks for the reply man, I hope you are my inspiration

  • @darkmix4192 3 months ago

    Bro, I have one doubt: what impact does this xmlrpc vulnerability create?

    • @lostsecc 3 months ago

      yes, but for BBP it's not in scope nowadays

  • @shaiksharif9697 9 months ago

    good

  • @CywerLearning 5 months ago

    But it's a DNS pingback?? Is this your IP?

    • @lostsecc 5 months ago

      it's from the server

  • @gddiscover7897 20 days ago

    can I get the payload

    • @lostsecc 20 days ago

      DM on Telegram

    • @gddiscover7897 19 days ago

      @lostsecc pls check @th3y_callme_gd

  • @apple_00 4 months ago

    Blind SSRF?

  • @Rimuruux 5 months ago

    Great video! Is this job worth working in?

    • @lostsecc 5 months ago

      yes

    • @Rimuruux 5 months ago

      @lostsecc thanks

  • @youjsyt 4 months ago

    Na/ there's no internal impact

    • @lostsecc 4 months ago

      nowadays it's N/A

  • @Shapeshiftshow 5 months ago

    I have found this vuln and got duplicated 🙂

    • @lostsecc 5 months ago +1

      keep going, duplicate means you're doing good but not so early..

    • @Shapeshiftshow 5 months ago

      @lostsecc yeah, and thanks for all the videos and the Telegram group, brother. I am a beginner in bug hunting and learnt a lot from you. Keep going ✨

    • @lostsecc 5 months ago +2

      soon I'm uploading a full deep hunting video from start recon to end

    • @Shapeshiftshow 5 months ago

      @lostsecc that's nice! I have a doubt: while I was fuzzing a search input parameter for XSS it shows a 200 status code but it's not reflecting on the web page, could you please help?

  • @mdfarhad8939 5 months ago

    which program, HackerOne/Bugcrowd?

    • @lostsecc 5 months ago

      not a bounty program

    • @Inexizp 5 months ago

      @lostsecc do u contact them without a bounty program?

  • @ShamsUlhadi-cg6uo 5 months ago

    hey sir
    can you give me a response on your Gmail