bugbounty技巧聚合20211020

漏洞报告

【U.S. Dept Of Defense】反射xss
https://hackerone.com/reports/923864

【U.S. Dept Of Defense】phpinfo() disclosure info
https://hackerone.com/reports/804809

挖洞技巧

How I Escalated a Time-Based SQL Injection to RCE
https://jmrcsnchz.medium.com/how-i-escalated-a-time-based-sql-injection-to-rce-bbf0d68cb398

Node.js was vulnerable to a novel HTTP request smuggling technique
https://portswigger.net/daily-swig/node-js-was-vulnerable-to-a-novel-http-request-smuggling-technique

Exploiting Request forgery on Mobile Applications
https://dphoeniixx.medium.com/exploiting-request-forgery-on-mobile-applications-e1d196d187b3

文字来源于- 火线 Zone-云安全社区,安全小天地只做文章分享,如有侵权,请联系站长删除


「渗透云记」公众号里主要记录我每天的所思所想,我会坚持更新质量不错的文章,感兴趣的小伙伴可以扫描下方二维码,谢谢支持! 安全小天地 - 公众号 - 渗透云记
© 版权声明
THE END
喜欢就支持一下吧
点赞5 分享
评论 抢沙发

请登录后发表评论

    请登录后查看评论内容