Damanpreet Singh 🇮🇳
|| भारत 🇮🇳 ¦ ਪੰਜਾਬ ❤️ ¦ Bounty hunter 🤡 ¦ Pentester 💻 ¦ Not an Imposter 🙃 ¦ Crypto 💋 ||
Apr 19, 2022 4 tweets 2 min read
Recently bypassed an auth with a simple trick:
1. GET site.bruh/private => 405
(homepage was just showing "Working", opened page source, got a js file, grep all endpoints using linkfinder from js file)
2. POST site.bruh/private => 500 error: "Expected JSON body"

3. POST site.bruh/private
{} => 500 error: missing auth_key

4. POST site.bruh/private
{"auth_key":"123"} => 403

After many trials and errors (passing random values, special characters, adding commonly used tricks to bypass 403 such as headers, etc.; nothing worked)
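As an added illustration (not the author's code, and not the target's implementation): a model of the /private behaviour the thread reports, next to a hardened handler that collapses every pre-auth failure into one uniform 401 and compares the key in constant time, so the response sequence no longer tells a caller which validation stage rejected the request. EXPECTED_KEY and the function names are constructed for the demo.

```python
import hmac
import json
from typing import Optional, Tuple

# Constructed demo secret; a real service would load this from configuration.
EXPECTED_KEY = "correct-horse-battery-staple"

Response = Tuple[int, str]


def handle_private_observed(method: str, raw_body: Optional[str]) -> Response:
    """Reproduces the response sequence the thread lists for /private:
    405 on GET, 500 without a JSON body, 500 without auth_key, 403 on a wrong key.
    Each distinct error reveals which check failed."""
    if method != "POST":
        return 405, "Method Not Allowed"
    if raw_body is None:
        return 500, "Expected JSON body"
    try:
        body = json.loads(raw_body)
    except json.JSONDecodeError:
        return 500, "Expected JSON body"
    if not isinstance(body, dict) or "auth_key" not in body:
        return 500, "missing auth_key"
    if body["auth_key"] != EXPECTED_KEY:  # plain comparison, short-circuits on first mismatch
        return 403, "Forbidden"
    return 200, "private data"


def handle_private_hardened(method: str, raw_body: Optional[str]) -> Response:
    """Same endpoint, defensive version: malformed body, missing key and wrong key
    all produce the identical response, and the key check is constant-time."""
    if method != "POST":
        return 405, "Method Not Allowed"  # method routing reveals nothing about auth
    try:
        body = json.loads(raw_body or "")
    except json.JSONDecodeError:
        body = {}
    key = body.get("auth_key", "") if isinstance(body, dict) else ""
    if not isinstance(key, str) or not hmac.compare_digest(
        key.encode("utf-8"), EXPECTED_KEY.encode("utf-8")
    ):
        return 401, "Unauthorized"
    return 200, "private data"
```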