Where are all the RCEs? RCE case study
HTML-код
- Опубликовано: 5 авг 2024
- 📚 Full case study: members.bugbountyexplained.com...
📧 Subscribe to BBRE Premium: bbre.dev/premium
✉️ Sign up for the mailing list: bbre.dev/nl
📣 Follow me on Twitter: bbre.dev/tw
This video is a part of an RCE case study where I studied 126 disclosed RCE bug bounty reports to learn how are people actually making money with RCEs. In this video, I go through different functionalities in which RCEs were common.
Videos:
• $50,000 0-day RCE on A...
• $25,000 GitHub pages R...
• $20,000 RCE in GitLab ...
• How to turn SQL inject...
• What functionalities a...
• $130,000+ Learn New Ha...
🖥 Get $100 in credits for Digital Ocean: bbre.dev/do
Timestamps:
00:00 Intro
00:27 Imports/Sharing
2:36 Other
3:50 File uploads
6:56 Authentication
8:59 High-privilege funcionality
10:43 Cloud
11:35 Templates
12:41 SQL query
13:17 Installing packages
15:44 0day
16:38 Image processing
18:14 Executing commands/code
20:25 SMTP/DB configuration
21:29 Making requests
23:14 Headless browser Наука
You can now join BBRE Premium with $20 OFF using the code BLACKFRIDAY. Go to bbre.dev/premium
I'm going to subscribe to premium...Love your work. Thank you for what you do!
Hi brother , i have recently reported a bug on a iphone to apple,and they replied after some time ( like 20 days) " we are going to adress this issue in a future security update , thanks for sending this our way" , do u think they will give me bug bountry reward for this?
Just wow!
Can you give us the link to this source
2:40 - not sure about the rest of the "other" section but I would probably label the first example "misconfiguration".
Hello, and thank You a lot
Can you make a video explaining how you conduct your case studies? It would be awesome! Great vid btw.
I described my methodology in the first case study: www.bugbountyexplained.com/what-functionalities-are-most-often-vulnerable-to-ssrfs-case-study-of-124-bug-bounty-reports/
@@BugBountyReportsExplainedHey man! That's awesome! Greatly appreciated.
hi
thx 4 your good vids.
i want to ask you somthing.
can you make a public project in notion and share your write-ups and other useful stuff in it?
I'm sharing this notion database in BBRE Premium ;)
😎🤜🤛😎
nice video , it was all over the place tho : |
Jestes u Bombala Top Hacking Books for 2024 (plus Resources): FREE and Paid :-) Congratz