@@sukremez1870 I got you back. If you test any application, you just gather info about the technology they used. Then you are testing like hit and trial. Everything about the website you have to test for different aspects in a different manner. If you don't know where you want to test, you just read the documentation of the website you are testing. It would help you with what endpoints there are and what details are fetched from backend to frontend, simply how it is working. And that was the phase where I discovered the first name and second name are vulnerable to SSTI. Then I checked what template they used to process the data. Then I got to know a Jinja2 instances template was used. Then I tried a simple payload. And it worked. Then I dug deep to escalate into RCE. I hope I just cleared up your question.
@sukremez1870
15 hours ago
@@A9x-AkhilReddy aight got it
@gk_eth
7 days ago
Did you submit the impact?
@A9x-AkhilReddy
7 days ago
@@gk_eth I show a simple payload in this PoC. I cut the interesting part where I escalate into RCE.
@sukremez1870
1 day ago
@@A9x-AkhilReddy If RCE, got bounty then? If yes, does this website have a bounty program on HackerOne/Bugcrowd? Or no?
Comments: 6