Fake Hacker

Fake Hacker Follow Us To Get Bug Bounty Tips!

07/08/2022
25/07/2022

Privilege Escalation!

https://blog.0xrobiul.me/2022/07/what-is-privilege-escalation.html

What Is Privilege Escalation? (July 08, 2022)

What Does "Privilege Escalation" Mean? At its core, Privilege Escalation usually involves going from a lower permission to a higher permission. More technically, it's the exploitation of a vulnerability, design flaw or configuration oversight in an opera...

04/04/2022

Interactive lab for exploiting Spring4Shell (CVE-2022-22965) in the Java Spring Framework

20/03/2022

Hidden API Functionality Exposure (March 20, 2022)

Application programming interfaces (APIs) have become a critical part of almost every business. APIs are responsible for transferring information between systems within a company or to external companies. For example,....

20/03/2022

Subdomains are everyone's darling! 👯‍♀️

Who does not wanna have a little sibling disclosing some secrets? 🕵️

Twitter @bughunterlabs helps you find some of them today 🔍

👇

04/03/2022

Subdomain Enumeration (March 04, 2022)

Well, subdomain enumeration is important when you are hunting on wildcard-enabled scope programs. If you are able to get unique subdomains that others miss, then it's a good chance for you to get some bugs.

General Methodology
• Passive
• Act...

04/03/2022

Recon Tip for :
-Subdomain enumeration
-Finding endpoints
-Finding parameters

©Ollected https://t.co/uV5ezduGSd

16/02/2022

Give Review To Our Page!🙂

14/02/2022

Congratulations Robiul Awal 🥳
[www.facebook.com/robiul.awal.pro]

06/02/2022

https://0xrobiul-awal.blogspot.com/2022/02/how-to-clone-sim-card.html

How To Clone SIM Card (February 06, 2022)

Things Required:
- Blank Programmable SIM Card: I got this one from Amazon, you can also buy one on eBay
- A SIM Firmware Reader/Writer: I also got this on Amazon, but it’s available on eBay also. (Or For an Indian sim you can get it from his...

03/02/2022

©Ollected

02/02/2022

https://0xrobiul-awal.blogspot.com/2022/02/xss-via-x-forwarded-host.html

XSS Via X-Forwarded-Host (February 02, 2022)

Let’s understand, what is the X-Forwarded-Host header? The HTTP X-Forwarded-Host header is a de-facto standard request header. This header is used to identify the original request made by the client. Because the hostname...

18/01/2022

https://0xrobiul-awal.blogspot.com/2022/01/exif-metadata-leakage.html

Exif MetaData Leakage (January 19, 2022)

It occurs when a user uploads an image to example.com and the uploaded image’s EXIF metadata does not get stripped. As a result, anyone can get sensitive information of example.com users like their Geo-location, their Device informatio...

16/01/2022

https://0xrobiul-awal.blogspot.com/2022/01/openredirect-via-file-upload.html

Open Redirect Via File Upload (January 16, 2022)

Open Redirect with the File Upload functionality is not widely seen or talked about but still possible to execute under specific conditions. It is possible to create a payload that results in redirecting users to an attacke...

16/01/2022

https://0xrobiul-awal.blogspot.com/2022/01/csrf-via-file-upload.html

CSRF Via File Upload (January 16, 2022)

Cross-Site Request Forgery (CSRF) is an attack that forces authenticated users to submit a request to a Web application against which they are currently authenticated. It is possible to perform CSRF attacks on file upload functionality by cr...

16/01/2022

https://0xrobiul-awal.blogspot.com/2022/01/xss-via-file-upload.html

XSS Via File Upload (January 16, 2022)

While performing testing on file upload functionality, there are multiple ways to execute a cross-site scripting attack scenario. A file upload is a serious opportunity to find cross-site scripting (XSS) in a web application. Below are a few wa...

16/01/2022

https://0xrobiul-awal.blogspot.com/2022/01/xxe-via-file-upload.html

XXE Via File Upload (January 16, 2022)

The file upload functionality opens the gateway for XML External Entities, especially when the application accepts file formats that support XML. Since the SVG format uses XML, an attacker can submit a malicious SVG image and so reac...

15/01/2022

https://0xrobiul-awal.blogspot.com/2022/01/ssrf-via-file-upload.html

SSRF Via File Upload (January 16, 2022)

Server-Side Request Forgery is one of the most interesting and impactful security vulnerabilities. It can arise in file upload functionality that allows the use of files such as HTML or SVG files. It may be an Internal SSRF, Cloud Metadata SSRF or simply an....

12/01/2022

" A thread all about CSRF Tips "

- Convert POST request to GET request
- Try using the old tokens in the new request
- Leave the token with a blank string
- Removing the token parameter totally

- Remove anti CSRF headers from the request
- Check if the server is generating different tokens for every session or not
- Check whether we can guess the token

- Add your own custom string into the token parameter replacing the original one and its length should be equal to the original token
- Using another user's token

- Remove the Referer Header

- Use some logic !

Collected from,
https://twitter.com/rootxyash/status/1480126074994368512?t=naK9k6T6Z7XznK1T1RNexg&s=19



(1/n)
1. Remove the entire token parameter with value.
2. Remove only the value.
3. Use any other random token with same length/(length-1)/(length+1).
4. Use attacker's token in victim's session.
5. Change the method from POST to GET and remove the token.

(2/n)
6. If request is made through PUT, use _method=PUT (Same for DELETE)
7. If token is sent through custom header; try to remove the header or just the value.
8. Change the Content-Type.
9. If double submit token is there(In cookies and some header) then try CRLF injection.

(3/n)
10. To bypass referrer check; use in the poc.

(4/n)
Regex Referral bypass:
https://a(.)com?t(.)com
https://a(.)com;t(.)com
https://a(.)com/t(.)com/../PATH
https://t(.)com.a(.)com
https://at(.)com
https://[email protected]
https://a(.)com .com
https://a(.)com.t.com
https://a(.)com/.t(.)com

(5/n)
11. CSRF token stealing via xss/htmli or cors misconfiguration. Check if it's leaking in JS files.
12. JSON Based ---> text/plain, application/x-www-form-urlencoded, multipart/form-data
13. Guessable CSRF token.
14. Clickjacking to strong CSRF token bypass.

(6/n)
15. Type Juggling: (a5h4hh5u4tu58u5-->0, 1q2weehh5u4tds-->1, 24urriury444-->24)
16. Array for strcmp(): newemail=[email protected]&token[]=lol
17. Set the csrf token to "null" or add null bytes.
18. Check whether csrf token is sent over http or sent to 3rd party.

(7/n)
19. Generate multiple csrf tokens, observe the static part. Keep it as it is and play with the dynamic part.

(8/n)
20. Chaining Log Out CSRF with public image upload via URL.

(9/n)
21. Asking for password? Remove the value with parameter or just the value.

Collected from,
https://twitter.com/tuhin1729_/status/1447400377553350656?t=M06_2zYgmcQMtSk2X9wD1g&s=19



Happy ❤️

©Frozen Flame

09/01/2022

Linux Path Cheatsheet!

07/01/2022

Nothing To Say!😐

06/01/2022

Linux Command Line!
