Discover and read the best of Twitter Threads about #wapt

Most recents (2)

Want to find RCE on Web Applications? 🚀

Here are some ways to escalate or direct RCEs in Bug Bounties

A thread🧵

#bugbounty #bugbounties #wapt #rce #zeroday
1. LFI with Log Poisoning :
➼ Apache Log: hackingarticles.in/apache-log-poi…
➼ SSH Log:hackingarticles.in/rce-with-lfi-a…
➼ SMTP Log:liberty-shell.com/sec/2018/05/19…
➼ FTP Log: secnhack.in/ftp-log-poison…

(2/n)
2. Via File Upload :
âž¼ Upload .php reverse shell
âž¼ If not, Bypass Restrictions :
(a) Double Extension
(b) Random Upper & Lower Case Names
(c) Changing Mime Type
(d) Null Byte
(e) Magic Byte
âž¼ If image allowed, use ExifTool and add PHP reverse shell in comment metadata
(3/n)
Read 7 tweets
@TRANQUIL_IT dans un contexte multi-ad sans liens d'approbations + postes hors domaines, comment se passe l'intégration de #WAPT ? @K3nnyfr #fautsoccuper
2 - La doc officielle parte d'installer #systemd mais pas la doc @_ComputerZ dans son article #Debian10 donc nécessaire ou pas ?
3 - Si on veut passer de #Community à #Entreprise par la suite, galère ou pas ?
Read 6 tweets

Related hashtags

Did Thread Reader help you today?

Support us! We are indie developers!


This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3.00/month or $30.00/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!