IDOR with EXIF Vulnerability | Bug Bounty POC
Рет қаралды 7,244
Күн бұрын#hacker #hack #hackers #hacking #bountytool
#hackingtools #bugbountytool # #programming
#python
#coder #bugbountypoc #bugbountyhunting #cybersecurity
#ethicalhacking #openbugbounty
#educationalfuzzer #bruteforce #bugbounty
#bugcrowd #hackerone
#eductionalvideo
#informationtechnology #informationsecurity
@anuzravat 3 ай бұрын
what does exif have anything to do with vuln 😭, its obv any media will have meta data.. IDOR is crazy tho
@ArnoShortz 11 күн бұрын
its the impact, it would be interesting to test other headers here
@bugbouty 3 ай бұрын
nice
@DerrikWrevok 2 ай бұрын
I always start with subdomain enum. Anyone smarter suggest better methodology? Thx. Also, sweet vid.
@jitendrabehera2374 3 ай бұрын
Are they accept this bug and give you any bounty
@sushil.choudhary_ 3 ай бұрын
I got 500$ for it
@rollups- 2 ай бұрын
yes
@smmeurope 29 күн бұрын
no ımpact
@mistDexploit 2 ай бұрын
so EXIF was for making the IDOR more dangerous, actually you increased the Impact of vulnerability with showing that you can find victim location that was nice, I enjoyed it
@meedmexi3711 3 ай бұрын
اخلا دار بوه
@杨志-w9h 2 ай бұрын
cool
@thechannelofmine Ай бұрын
No impact
@g0l0kget Ай бұрын
can u tell me why no impact? since theres no access control to view data another user
@thechannelofmine Ай бұрын
@@g0l0kget The data being viewed already public and have no impact on the user or platform.
@g0l0kget Ай бұрын
@@thechannelofmine isee , so theres only impact if he can change another user detail . is that it? sorry im still learning
@thechannelofmine Ай бұрын
@@g0l0kget no, not only change, you need to GET sensitive users information not public ones.
@g0l0kget Ай бұрын
@@thechannelofmine isee okay2 thanks
Bug Bounty Reports Explained
Рет қаралды 24 М.
Bug Bounty Reports Explained
Рет қаралды 11 М.
Matt Brown
Рет қаралды 276 М.
BePractical
Рет қаралды 21 М.
Bug Bounty Reports Explained
Рет қаралды 15 М.