Это видео недоступно.
Сожалеем об этом.

CORS Vulnerability in Facebook | Bug bounty poc

Поделиться
HTML-код
  • Опубликовано: 15 ноя 2023
  • in this video i am going to show to cors misconfiguration vulberability in facebook
    This video is only for education purpose.
    #fb #facebook #bugbounty
    Disclaimer: This video is for strictly educational and informational purpose only. I own all equipment used for this demonstration. Hacking without permission is illegal so always ensure you have proper authorization before using security tools in any network environment. thanks.

Комментарии • 35

  • @IllIIIIIIllll
    @IllIIIIIIllll 6 месяцев назад +4

    Then why you are not in FB hof?

  • @studyrelaxwithme4564
    @studyrelaxwithme4564 22 дня назад

    This Page has not sensitive data, so the cors Is not harmful. No reward for that

  • @user-yu3hx2lw8s
    @user-yu3hx2lw8s 8 месяцев назад +3

    Rewards and Hall of fame?

  • @sirajgamer7977
    @sirajgamer7977 5 месяцев назад +1

    What is those "fonction" and how to used in xss because I want to scaning for xss velnrebely but they He suddenly appeared to me in xsstrike

    • @lostsecc
      @lostsecc  5 месяцев назад

      join telegram i will explain more @lostsec

  • @H4cker_Nafeed
    @H4cker_Nafeed 4 месяца назад +1

    How to find end points like that ?

    • @lostsecc
      @lostsecc  4 месяца назад

      use corsy tool or my custom nuclei templates i share in my telegram channel t.me/lostsec

  • @mbithi_ke
    @mbithi_ke 7 часов назад

    so if its not a wordpress site you cant exploit cors? 😆

    • @lostsecc
      @lostsecc  27 минут назад

      you can exploit in all sites

  • @user-il8yq4po1o
    @user-il8yq4po1o 5 месяцев назад

    اسطورة حبيبي اكمل

    • @lostsecc
      @lostsecc  5 месяцев назад +1

      ❤️😇

  • @jeneelshah2946
    @jeneelshah2946 9 месяцев назад

    🔥🔥

  • @pavor01
    @pavor01 9 месяцев назад +1

    Bounty?

  • @marco1337-PT
    @marco1337-PT 6 месяцев назад +1

    can we have that cors exploit script?

    • @lostsecc
      @lostsecc  6 месяцев назад +1

      ys

    • @lostsecc
      @lostsecc  6 месяцев назад +1

      github.com/coffinxp/CorsExploit

  • @abhishekkumar_981
    @abhishekkumar_981 9 месяцев назад

    king

  • @user-ju6fi7vh7n
    @user-ju6fi7vh7n 2 месяца назад

    medium or high

  • @akroidofficial
    @akroidofficial Месяц назад

    bounty?

  • @linux..
    @linux.. 9 месяцев назад

    i can't understand it can you tell me

    • @lostsecc
      @lostsecc  9 месяцев назад +2

      if you logged in this site and visit any attacker site then your all login crendential were stored in the attacker server...and then he use it for your account takeover

  • @iq_rasco
    @iq_rasco 9 месяцев назад

    وين خطورتها !

    • @apple_00
      @apple_00 9 месяцев назад

      Key
      Name
      Password

    • @lostsecc
      @lostsecc  9 месяцев назад +1

      Attackers can use CORS vulnerabilities to steal sensitive data from applications like API keys, SSH keys, Personal identifiable information (PII), or users' credentials.

  • @zedvn3792
    @zedvn3792 3 месяца назад

    Can you give me the exploit Cors .html file?
    Thanks a lot

Следующие
Автовоспроизведение
Easy way to Find SSRF manually+Automation | Bug bounty poc5:19Easy way to Find SSRF manually+Automation | Bug bounty poc
Easy way to Find SSRF manually+Automation | Bug bounty poc𝙇𝙤𝙨𝙩𝙨𝙚𝙘
Просмотров 15 тыс.
poc for Cross-Origin Resource Sharing (CORS) Misconfiguration Allowing Unauthorized Data Access15:01poc for Cross-Origin Resource Sharing (CORS) Misconfiguration Allowing Unauthorized Data Access
poc for Cross-Origin Resource Sharing (CORS) Misconfiguration Allowing Unauthorized Data Accesshacksys
Просмотров 2,8 тыс.
Bug Bounty POC | XSS5:26Bug Bounty POC | XSS
Bug Bounty POC | XSSToruZ_
Просмотров 3 тыс.
Buying EVERYTHING in ONE COLOR for My Daughter23:48Buying EVERYTHING in ONE COLOR for My Daughter
Buying EVERYTHING in ONE COLOR for My DaughterJordan Matter
Просмотров 3,9 млн
I Met 100 NBA Players in 50 Hours19:13I Met 100 NBA Players in 50 Hours
I Met 100 NBA Players in 50 HoursJesser
Просмотров 750 тыс.
Can My Homemade Aircraft Carrier Hold My Blackhawk?13:18Can My Homemade Aircraft Carrier Hold My Blackhawk?
Can My Homemade Aircraft Carrier Hold My Blackhawk?HeavyDSparks
Просмотров 360 тыс.
The Stakes Just Got Higher | Warhammer 40,000: Kill Team Cinematic 202402:19The Stakes Just Got Higher | Warhammer 40,000: Kill Team Cinematic 2024
The Stakes Just Got Higher | Warhammer 40,000: Kill Team Cinematic 2024Warhammer
Просмотров 658 тыс.
CORS || Bypass CORS Misconfiguration Leads to Sensitive Exposure POC || Cashfree || Bug Bounty2:51CORS || Bypass CORS Misconfiguration Leads to Sensitive Exposure POC || Cashfree || Bug Bounty
CORS || Bypass CORS Misconfiguration Leads to Sensitive Exposure POC || Cashfree || Bug BountyCybeR_FrosT
Просмотров 6 тыс.
Bug Bounty Hunting 2024 RECON+SIMPLE HUNTING 😱 | WANT YOUR FIRST BOUNTY !!!10:00Bug Bounty Hunting 2024 RECON+SIMPLE HUNTING 😱 | WANT YOUR FIRST BOUNTY !!!
Bug Bounty Hunting 2024 RECON+SIMPLE HUNTING 😱 | WANT YOUR FIRST BOUNTY !!!Quantum Hacker
Просмотров 1,1 тыс.
$200 Bug Bounty PoC Worth | Full API Key Recon14:28$200 Bug Bounty PoC Worth | Full API Key Recon
$200 Bug Bounty PoC Worth | Full API Key ReconSecShiv
Просмотров 10 тыс.
How to Approach Bug Bounty Target for beginner | Netflix.com on Hackerone | Recon part-119:10How to Approach Bug Bounty Target for beginner | Netflix.com on Hackerone | Recon part-1
How to Approach Bug Bounty Target for beginner | Netflix.com on Hackerone | Recon part-1The Cyberboy
Просмотров 45 тыс.
Reflected xss that made 500$ Bounty | Bug bounty poc3:14Reflected xss that made 500$ Bounty | Bug bounty poc
Reflected xss that made 500$ Bounty | Bug bounty poc𝙇𝙤𝙨𝙩𝙨𝙚𝙘
Просмотров 7 тыс.
CORS Vulnerability mass hunting on Dell Bounty program worth 500$ | Bug bounty poc5:00CORS Vulnerability mass hunting on Dell Bounty program worth 500$ | Bug bounty poc
CORS Vulnerability mass hunting on Dell Bounty program worth 500$ | Bug bounty poc𝙇𝙤𝙨𝙩𝙨𝙚𝙘
Просмотров 23 тыс.
Hackers Can Find Out Everything About You | OSINT13:46Hackers Can Find Out Everything About You | OSINT
Hackers Can Find Out Everything About You | OSINTCyb3rMaddy
Просмотров 28 тыс.
CORS exploit ( the proper way ). 2 methods for CORS DETECTION and EXPLOIT for bug bounty hunters15:34CORS exploit ( the proper way ). 2 methods for CORS DETECTION and EXPLOIT for bug bounty hunters
CORS exploit ( the proper way ). 2 methods for CORS DETECTION and EXPLOIT for bug bounty huntersSpeed Biker
Просмотров 9 тыс.
Cross Origin Resource Sharing (CORS) Vulnerability | BugBountyTraining | Bug Bounty Service5:41Cross Origin Resource Sharing (CORS) Vulnerability | BugBountyTraining | Bug Bounty Service
Cross Origin Resource Sharing (CORS) Vulnerability | BugBountyTraining | Bug Bounty ServiceMartin Voelk
Просмотров 9 тыс.
Бутылка Air Up обмани мозг вкусом01:00Бутылка Air Up обмани мозг вкусом
Бутылка Air Up обмани мозг вкусомКостя Павлов
Просмотров 1,9 млн
НАСТЯ КРАСИВАЯ?? #shorts00:22НАСТЯ КРАСИВАЯ?? #shorts
НАСТЯ КРАСИВАЯ?? #shortsПаша Осадчий
Просмотров 315 тыс.
УЛЬТРА ДОРОГИЕ vs УЛЬТРА ДЕШЕВЫЕ ЧИПСЫ07:07УЛЬТРА ДОРОГИЕ vs УЛЬТРА ДЕШЕВЫЕ ЧИПСЫ
УЛЬТРА ДОРОГИЕ vs УЛЬТРА ДЕШЕВЫЕ ЧИПСЫvanzai
Просмотров 766 тыс.
Tanish holatmi?😅❤️00:41Tanish holatmi?😅❤️
Tanish holatmi?😅❤️Zakirovlar_Oilasi
Просмотров 523 тыс.
КВН У отца заканчивается кодировка #shorts01:00КВН У отца заканчивается кодировка #shorts
КВН У отца заканчивается кодировка #shortsPRO КВН
Просмотров 272 тыс.
Мелл показал свои накопления наличных00:43Мелл показал свои накопления наличных
Мелл показал свои накопления наличныхMORE EMOCIY
Просмотров 139 тыс.
"Извини, я передумала..." Анастасия СОЛОВЬЕВА и Индл КИНГ50:05"Извини, я передумала..." Анастасия СОЛОВЬЕВА и Индл КИНГ
"Извини, я передумала..." Анастасия СОЛОВЬЕВА и Индл КИНГАнна Ханна
Просмотров 418 тыс.
女孩妒忌小丑女? #小丑#shorts00:34女孩妒忌小丑女? #小丑#shorts
女孩妒忌小丑女? #小丑#shorts好人小丑
Просмотров 27 млн