uhmm so here's a short context about the POC : I was manually testing the site for blind SSRF and then burp bounty notifies me that it is vulnerable to time based sqli... :)
Пікірлер: 26
@brunobandeira253227 күн бұрын
Is this burp bounty pro extension cracked or did you actually buy it? if so, please send me the link
@tusharhackseverything8 ай бұрын
this program doesn't respond.. found multiple bugs in it
@FakerPK8 ай бұрын
can you explain what this is about?
@randreu288 ай бұрын
As far as my understanding goes, it basically is a cybersecurity attack. It works by manipulating what the client machine (you as a user entering a website, for example) sends to the server machine ( the machine that controls the website) to execute commands in the database at will. In this particular case, a time based command execution of waiting for x time to respond.
@rohancyber8 ай бұрын
bro how did you burp scan for vulnerabilities and notify you can you elaborate it. Thanks
@marco1337-PT8 ай бұрын
I use burp bounty for fun
@Hackerone14447 ай бұрын
is sqli work on cookie side ?
@bambangsutrisna50067 ай бұрын
works
@Hackerone14447 ай бұрын
@@bambangsutrisna5006 any random cookies ? Example: will every session cookie side work ?
@ayushmanngupta70275 ай бұрын
hey bro can you share your burpsuite pro link so that I can download your burpsuite
@Aakarshmishra013 ай бұрын
Bro how did you found that target? I mean is it by dorks or something??
@marco1337-PT3 ай бұрын
dork
@TuanNguyen-ve9xf8 ай бұрын
When i use burp with https, all infor was hashed, can u tell me how to fix it 😬
@landless-wind8 ай бұрын
chelsy was here
@marco1337-PT8 ай бұрын
hahaha Bai
@ariadesupriyatna5 ай бұрын
🎉
@abhinavbansal93968 ай бұрын
So they were putting cookie value in sql statement?