Это видео недоступно.
Сожалеем об этом.
Earn 500$ Easily by Escalating Html Injection to SSRF | Bug bounty poc
HTML-код
- Опубликовано: 15 фев 2024
- Disclaimer: This video is for strictly educational and informational purpose only. I own all equipment used for this demonstration. Hacking without permission is illegal so always ensure you have proper authorization before using security tools in any network environment. thanks.
![EST Gee - NEVER NEED (Feat. Selfpaid Savage) [Official Video]](http://i.ytimg.com/vi/f2cRtr52HXI/mqdefault.jpg)
This is reflected html injection, but there's no SSRF
@moratadaveh4273The request was made by himself when he clicked the link, not by the server.
@moratadaveh4273 the ip Is from him, not from the server, he visited the page in the anchor tag, this is not an ssrf, he also deleted my comment lol
@moratadaveh4273 Thats him visiting the collaborator url.
@moratadaveh4273No the client did, lol.
you are right brother href is used for redirect site use can use for ssrf
Sorry, just a question. This attack only reflects on your own browser and does not have any affect on the actual web server...right?
its reflected client side htmlinjection you can use it in server side also in comment section or any post input..
@@lostsecc lol you don't know what ssrf is
correction use this in image src not in href tag
That is not ssrf...
there is no impact of ssrf that's an no oob internal interaction and nasa don't reward with bounty
It's not ssrf
That’s right, however NASA does reward with bounty.
You would have got more views on title "Nasa Hacked". Thanks for the videos you make.
just wait for upcomming videos..that will blow your mind ❤️all type of waf bypass..
What is preventing you from XSS in this case do they have a filter for the script tag? btw there is no SSRF it's client side. HTML injection to SSRF makes no sense.
yeah there is script tag filter & yeah its not ssrf
You are genius bro..
Please upload more videos like this..
😇this is just start soon uploading some expert level things...all bypass and all stuffss and full hunting playlist..just keep supporting ❤️
Bro! Can you plz make a video or writeup, how to you setup fonts & colours in your wsl-2 terminal??
yes sure
This guy is unstoppable 🔥.
😍😍 thnq so much brother ❤️
One of the best POC till date 💯👏
thnq so much its means a lot for me brother 😇❤️
@@lostsecc keep going boy many more to come 💪
❤️
Can you please provide the background picture of your wsl2 pls...By the way, Nice video...Explanation's good but I think voice explanations make people understand concepts better. Thank you for the video and explanation nonetheless.
i will make voice over video soon ..
i think its client side , maybe ur ip. Its not even parse to backend
yes,i corrected it
can you please describe it's impact? becausei just found similar issue in a private program
you can do xss ssrf phishing etc by this
Bro i report the same bug months ago but they just put that as informative 😂
Bro how you get these vulnerable websites?? And for this will XSS work??
use oneliner
which terminal are you using. can you please add a video on installing this terminal
window terminal+wsl kali
that not ssrf bro , it's open redirect via html and the ip appeared in collaborator is yours and it should be server system
yeah i know bro ❤️ you can use
bro how you insert image in cmd prompt backgrounddd
its wsl2 you change customize it from setting..
I Think SSRF mean "Server side" so the request it must be from the NASA server but i didnt seems so. Can you make it clear or i just missunderstood what youre doing 🤔🤔🤔
you are thinking right ! its not ssrf in this case bcz href is for redirecting the site ..but you can use img src for ssrf but in this case its not i will make clear video for this type of ssrf ...
what terminal where u using and how do i get it cause thats not debain or arch or anything
goto microsoft store search window terminal and make defualt that and install kali from microsoft store and also first install wsl2 from microsoftt store and then customize it with ohmyposh themes
everything in this video goes above my head.
Where can i get those html injection payloads? Also please teach me lol I've been trying to gind vulns for bug bounties but havent found anything yet
search on google payloadallthethings you will get many payloads
umm i guess there is no impact of ssrf that's an no OOB internal interaction and don't think they will reward ...
yeah its not ssrf my mistake you can use img src attribute for that
@@lostsecc yupp bro
if i just a randomly clicked this video just curious how do u explain me
soon explain all
Bro, how to create poc, you can put in sample this concept of html injunction.
you want report poc ?
everything went past my head but it looks cool and i wanna learn hackin and bug bounty and all o that stuff
i want to modify my wsl kali terminal like your's , can you tell me how can i do that
i will make seperate video for that
there is no ssrf here....That's your own IP in the burp collaborator.
iknow
keep it up brother, btw could u upload an video how u set that background on wsl ❤
its simple install window ternminal from microsoft store
@@lostsecc ik that i mean that transparent background with custom background
its wsl2 with ohmyposh customization in widow terminal
Bro can make career on this field
yes
i think the ping back is not from the server ip, i have a htmli in nasa and tried for ssrf no http ping back from server ip
check dns call back
@@lostsecc both pingback ip is not from web, i think it is ur ip, when u click the link from htmli, the intraction b/w ur system and burp collaborator link are listed not from the nasa domain
@@0x1c3b00da yes ! href tag is for redirect to otherwebsite.. but you can use in
What OS are you installing on WSL is it kali linux or ubunto?
its kali
This isn't much important, you're just modifying the html that your browser receives through the proxy. You can pretty much do that in every website.
but by this vuln you can make a comment with specious links that can affect some employers of NASA so He Must Report Of This Critical Vuln To NASA
yes i reported it and got hall of fame
@@lostsecc GOOD LUCK 👍 I AM PROUD OF YOU MAN
❤️
i just intercepted it bcz i want to bruteforce html payload so otherwise you can direct use html payload not need any burpsuit or proxy just enter payload in search box
Help full video
I think nasa also given HOF 🎉
yes i submited 5 vulnerability in nasa all are valid and i got Halloffame as well before 5 month ago
Great brother
Can you share your LinkedIn profile
So that I can connect with you 🎉
How do I customize the terminal again? plz help me ?
will make video soon
@@lostsecc thank you ❤️
Is that WSL kali? I see somewhere you said it was kali but I still dont get it, its clearly a windows machine with kali there, I can tell from how slow the terminal opened XD but is it like wsl or actually kali?
its wsl2 kali with window terminal
Brother if you don't mind can you share your payload list .
yeah i shared it in my telegram t.me/lostsec
what image is that background
Bro hacked nasa with html lol
😅🤭
What potential risk could this have, I'm sorry, I just don't see it?
html injection used for phising/redirect site/Defacement+ ssrf used for inernal port scanning and access of internal login or dashboard access or if inernal port is vulnerable to any service you can get rce from it..ssrf is so much powerful
@@lostseccBut this particular ssrf in the nasa web page can only be used for phising it doesn't go any further is you can only inject the tag no xss, form my point of view.
yes your right
@@lostsecc I'm with a partner checking if we can get a xss in that search engine wish me luck hahaha, if I get it I'll make you a video.
Nasa has a BBP? 😂
not bbp its rvdp in bugcrowd
Please share list of payload 😊
نسحة بيربسويت مدفوعة ام مكركة ؟ من فضلك
crack
@@lostsecc شكرااا
what in case of strict origin policy header is there
it will not work
it will work html injection acutally can bypass SOP
how your terminal Design ?
wsl2 kali with ohmyposh custom theme
@@lostsecc do you have telegram? i wanna talk some thing about 403 bypass details
bro got it all didn't left anything for us except for clapping 🔥🔥
Thnq so much brother 😇❤️
What's the payload?
join my telegram @lostsec i will share there
brother is this poc is resently founded or old one ?
html injection is old i reported it before 5 month ago but ssrf is recently found..
@@lostsecc its not a ssrf....
yes i noticed it before but its late...😉 you use use
I am beginner and I don't understand what u r doing plz upload video with voice explanation
sure i will..
@@lostsecc thank you...if u can help me to learn buy hunting plz help me
How can I contact you ?@@lostsecc
next level 🔥
thnq so much bro ❤️😇
what's the name of job you're doing in your videos?
security researcher & bug hunter
@@lostseccthanks
nice you did hack the nasa with html
ys 😂 i made the mems real
can you share payload list
please make a environment setup vid
soon..
Give us all pylod u have nice 👍🏼
github.com/InfoSecWarrior/Offensive-Payloads/blob/main/Html-Injection-Payloads.txt
I had another great xss attack which changes price value in a shopping website i named it coupon hijacking...wanna see?
that called price manipulation not xss
@@lostsecc no man i actually make changes to HTML code so...and besides price manipulation wth is that? That isn't even an attack you can at the least call it session hijacking because it's happening as the website is not expiring or validating the session
Bro can you share your file that you used
github.com/InfoSecWarrior/Offensive-Payloads/blob/main/Html-Injection-Payloads.txt
@@lostsecc thanks brother helpful video make videos like this if possible please explain something. ♥️♥️♥️
sure ❤️
😂this my payload bro😂
nicee ❤️
Its client side, not ssrf
yes
Can you help me what the best resources about web app hacking list
portswigger labs is enough you will learn basic to expert level there..
bro nice video, like realy nice. I have 1 question however, how did you learned all of this?
youtube + twitter + medium + portswigger labs + tryhackme rooms etc
@@lostsecc just coz of u im trying to do some bug bounty (plot twist: i barely know anything about pentesting xD)
just have passion you will do all one day
@@lostsecc aint that easy for me
Lmao that got you 500?
its worth 500$ this bug but its rvdp program so i got halloffame
bro I had already reported this bug but it's P5😣
find anotherone there are many i reported 7 differnt bug
Is it legal to disclose these things??
read the disclammer ! first i report then i disclose these things...
i still didnt understand this, can you explain?
HTML Injection also known as Cross Site Scripting. It is a security vulnerability that allows an attacker to inject HTML code into web pages that are viewed by other users.you can use this to trick the user for phishing login user pass..or you can deface the site as well..
So the actual page is now on Nasa.gov?@@lostsecc
Are U kidding?
this ur request not from the server Lmao
go and try you will know then..
use
Bro ofc when you vist ur burp collab, will recive a pingback but this request is from you@@lostsecc
Bro, you should do some research instead of dropping random shit@@lostsecc
shell ?
sir can you provide the lists of your payloads
github.com/InfoSecWarrior/Offensive-Payloads/blob/main/Html-Injection-Payloads.txt
ey yo what is that coffinxp terminal?
its kali-linux with wsl2 with ohmyposh customization
@@lostsecc nice , and where can i find those payloads from? any website or anything
search on google payloadallthethings github
@@lostsecc ty bro
next level 🔥🔥 When u will create the group need some guidance
soon making
Promo SM 👀
Goooooood job bro nice amazing ❤❤❤✊️✊️✊️
thnq so much brother ❤️😇 keep supporting..
@@lostsecc telegram?
My brother, how can I contact you? I have 3 or 4 years of doing this work on blackhat.
Telegram?
cool
Great video 👍🏾
thnq so much brother ❤️😇
I think that's CSRF, not SSRF
its html injection
nice!. How to put a picture in
cmd ?
its wsl2
Great Man :)
thnq bro 😇❤️
is it valid bug bounty?
ys
can i get a link maybe hackerone?@@lostsecc
hello can you give me your all payload
i will upload in telegram
Bro i found same bug but only HTML injection 😢
i reported many bugs in nasa due to privacy i cannot upload that..
@@lostsecc brother may u help me to exploit ssrf
Full ssrf with p1, p2, p3, p4 cate
i will make seperate video for that with internal port scanning and admin dashboard access..
@@lostsecc i mean which type of ssrf
Bro that was your ip😅
socks5 proxy ip
You hacked nasa?
yes by html 😂🤣
Helpful video ❤🎉
😇
Great work🎉
thnq so much bro ❤️
Don't leave your consistency you are inspiring me a lot just now I'm steping into cybersecurity so please give a detail explanation for us to better understanding.
stop show off and go real hack side
🙃
superb!!!!!!!!!
thnq bro ❤️
wtf u doing explain pls how u earn 500$ with it ?
not in this its rvdp program but you can earn by ssrf
i don`t understand what ur saying but ur good person
You a pen tester ?
security researcher & bug hunter
@@lostsecc oh pretty dope!
Music is haram
and i am harami
Nasa paid you?
no its vdp
This is XSS not SSRF lmao
its not xss its html injection
next level bro wtf
thnq so much bro ❤️
You teach bro if i pay you ?
no need to pay i will teach free all just ask me.in telegram.i will.help.
@@lostsecc give your tg username want to learn 1 on 1 personally
@lostsec just dm me through bot
for instagram instagram.com/lostsec_____?igsh=MXc3eGNhMTBvbXNpOQ==
Well done ✅
thnq so much bro 😇❤️
@@lostsecc this is blind ssrf,
ys bcz i used burp collaborstor server ip
ishan?
what
Wanna collab?
channel link
@@lostsecc dont have a channel, i meant collab as a pentester
sure
niceee
thnq 😇
fake
thnq
Im glad hes not famous..
but soon...
govt is not gonna like dis@@lostsecc
bhai apne payload send kar do yaar
github.com/InfoSecWarrior/Offensive-Payloads/blob/main/Html-Injection-Payloads.txt
@@lostseccthank u bhai tumhe dek dekh ke sikhta hu mai
❤️