- 32
- 38 605
Poc hunter
Nepal
Приєднався 23 бер 2023
Vault app login page bypass | Bug | #bugbountypoc #vault_apk
Vault password bypass using activity luncher. access vault with out password and pin.
#bugbountypoc #bugbounty #bugbountytips #bypass_trick
#bugbountypoc #bugbounty #bugbountytips #bypass_trick
Переглядів: 169
Відео
Qwilr | Stored xss bug bounty poc video | #bugbounty
Переглядів 3432 місяці тому
bugtype : stored xss (Duplicate) Thanks for watching this video. please subscribe the channel and like the video fro more updates.
getjobber.com | Self xss bug bounty poc
Переглядів 1264 місяці тому
getjobber.com | Self xss bug bounty poc
deepl | Stored XSS bug bounty poc
Переглядів 1,2 тис.5 місяців тому
thanks for watching #cyberpunk #ethicalhack #bugbounty #bugbountytips #bugbountypoc #cybersecurity
Race condition | Bug bounty POC | #bugbountypoc
Переглядів 2,1 тис.6 місяців тому
Thank you for watching this video. If you enjoyed it, please like the video and consider subscribing to the channel for more new PoC videos. happy hacking.... :)
MineOs | Stored Xss | #bugbountypoc #cybersecurity
Переглядів 3447 місяців тому
: Bug Bounty Poc video : Like,share comment the video and subscribe the channel for more poc updates. #bugbountypoc #cybersecurity #bugbounty #bugbountytips #cyberpunk #ethicalhacking #ethicalhack #cyberpunk
typeform.com | idor Bug Bounty Poc | #bugbountypoc
Переглядів 1,6 тис.9 місяців тому
Disclaimer: this video made for educational purposes. imapct: Successful exploitation of this vulnerability allows an attacker to copy a form from the victim's account to the attacker's account without proper authorization. This can lead to unauthorized access to sensitive data and misuse of the copied form. telegram : t.me/pochunter #bugbountypoc #bugbounty #bugbountytips #cybersecurity #cyber...
Clouddefenseai.com | old token not expire lead full access | Bug bounty Poc | #cybersecurity
Переглядів 7489 місяців тому
This video made for education porpoise. Impact :- This vulnerability can allow an attacker to bypass or disable the 2FA feature on the target website, which is a security measure to prevent unauthorized access to the user’s account and settings. An attacker can exploit this vulnerability by obtaining the user’s username and password, which can be done through phishing, brute-forcing, or other m...
choto.com | open-redirect | bug bounty poc | #bugbountypoc
Переглядів 80110 місяців тому
thanks for watching telegram: t.me/pochunter #bugbountypoc #bugbounty #bugbountytips #cyberpunk #cybersecurity
ign.com | Self-star vulnerability | Bug bounty Poc | #bugbountypoc
Переглядів 1,7 тис.10 місяців тому
Summary I have discovered a vulnerability that allows users to give stars to their own comments on the ign.com . This could lead to a manipulation of the rating system and a false impression of the quality and popularity of the comments. telegram :- t.me/pochunter thanks for watching
Metoblue | Otp leak bug bounty poc | 50$
Переглядів 73610 місяців тому
change email verification otp leak at request body thanks for watching subscribe the channel . like the video for more videos telegram:- t.me/pochunter #bugbountypoc #ethicalhacking #cyberpunk #cybersecurity
cosresell.com | Idor Bug | Bug bounty poc
Переглядів 5 тис.Рік тому
Thanks for watching Subscribe for more poc videos if want paid course in free then join our telegram channel telegram :- t.me/pochunter #bugbountypoc #cybersecurity #ethicalhacking
Reflected xss bug bounty poc | #bugbountypoc
Переглядів 6 тис.Рік тому
i hope you will get knowledge from this poc video. I will try to reproduce steps . if there was any mistake sorry for that . i will try to give good content in upcoming videos thanks for watching like share and subscribe my channel for more poc video
OpenRedirect | Hacker1 | #bugbountypoc
Переглядів 476Рік тому
SUBSCRIBE THE CHANNEL FOR MORE POC VIDEOS IF YOU HAVE ANY QUESTION THEN COMMENT BELOW THANKS FOR WATCHING #bugbounty #ethicalhacking
Broken Authentication and Session Management | #hackerone #bugbountypoc
Переглядів 1,2 тис.Рік тому
Broken Authentication and Session Management | #hackerone #bugbountypoc
Information Disclosure Through gif | bug bounty poc | hacker 1
Переглядів 4,4 тис.Рік тому
Information Disclosure Through gif | bug bounty poc | hacker 1
RCE | Bug bounty poc video | $$ | #bugbountypoc #cybersecurity
Переглядів 1,9 тис.Рік тому
RCE | Bug bounty poc video | $$ | #bugbountypoc #cybersecurity
Github | merkle.com Subdomain Takeover | bug bounty poc | VDP $$$$
Переглядів 708Рік тому
Github | merkle.com Subdomain Takeover | bug bounty poc | VDP $$$$
Ncell Open-Redirect bug | bug bounty poc | #cybersecurity #bugbounty #bugbountypoc #bugbountytips
Переглядів 273Рік тому
Ncell Open-Redirect bug | bug bounty poc | #cybersecurity #bugbounty #bugbountypoc #bugbountytips
Price Manipulation | thirdwheel | bug bouty poc | $$$$$😊
Переглядів 401Рік тому
Price Manipulation | thirdwheel | bug bouty poc | $$$$$😊
Thirdwheel | Otp bypass | android bug bounty | bug bounty poc
Переглядів 415Рік тому
Thirdwheel | Otp bypass | android bug bounty | bug bounty poc
Iphone 13 pro max free :) | price manuplation bug on mysmartsathi.com | buy freee 😋| bug bounty poc
Переглядів 268Рік тому
Iphone 13 pro max free :) | price manuplation bug on mysmartsathi.com | buy freee 😋| bug bounty poc
Price manuplation bug on jobsnepal.com || bug bounty poc ||
Переглядів 130Рік тому
Price manuplation bug on jobsnepal.com || bug bounty poc ||
stored xss on thousendeye.com || bug bounty poc video || $$$🤤🤤🤤
Переглядів 172Рік тому
stored xss on thousendeye.com || bug bounty poc video || $$$🤤🤤🤤
Stored xss on chat section exploit through svg || bug bounty poc 4
Переглядів 543Рік тому
Stored xss on chat section exploit through svg || bug bounty poc 4
XSS Through Document File Upload || poc= 3 || bug bounty hunter
Переглядів 276Рік тому
XSS Through Document File Upload || poc= 3 || bug bounty hunter
Price Manipulation poc report || Bug bounty poc report ||🤤🤤$$$
Переглядів 271Рік тому
Price Manipulation poc report || Bug bounty poc report ||🤤🤤$$$
Html injection in Accredible $$$🤤 poc report || bug bounty poc ||
Переглядів 322Рік тому
Html injection in Accredible $$$🤤 poc report || bug bounty poc ||
does qwilr has a private program?
yes it have vdp
Nice what was the bounty? I think you can also use command to launch activities
yes we can use command also using adb or other tools
need more info
The Activity Launcher APK is used for accessing hidden activities, creating shortcuts, app development/testing, and bypassing restrictions. In this video, I'll demonstrate how to bypass the login/PIN activity of the Vault app using the Activity Launcher APK. Specifically, I will launch the PrivacySpace activity directly through this APK. When we open the Vault app manually, it follows a sequence set by the developer, such as SplashScreen > LoginPage > MainActivity. In this case, we'll bypass the standard flow and launch MainActivity directly with the help of the Activity Launcher APK.
I didn’t see any bypass in the video, Can you please recheck it what you uploaded. Thanks
@@ayushmanngupta7027 Thank you. If you don't know what it is, please learn about Android penetration testing.
@@bugbountypoc395 can you share some resources to learn android pentesting?
can you explain more
The Activity Launcher APK is used for accessing hidden activities, creating shortcuts, app development/testing, and bypassing restrictions. In this video, I'll demonstrate how to bypass the login/PIN activity of the Vault app using the Activity Launcher APK. Specifically, I will launch the PrivacySpace activity directly through this APK. When we open the Vault app manually, it follows a sequence set by the developer, such as SplashScreen > LoginPage > MainActivity. In this case, we'll bypass the standard flow and launch MainActivity directly with the help of the Activity Launcher APK.
Which site is it
Plzzz tell Wich site
you can only send a request to your collaborator ... what's the impact .... brother
This bug is an informative🙂
Why?
Thanks a lot friend 👏👏👏👏👏
nice bro
Business logic Vulnerability
This is not race condition
thanks but hacker1 accpect it as race
@@bugbountypoc395 Cool, you could demonstrate it better with a python script. Did it have rate limiting combined with race condition, or just rate limiting ?
@@gobakos7890 i think there was no rate limit bt hacker1 trigger in race
How being able to tamper own star rating a vulnability?
Because an author can rate a user’s account, but the user has no access to rate their own comment.
This is not a Race Condition
thats crazy lol
does it repaired ?
nahh i think its stored xss. what you think about it?
lol
😣😣❤
Once i found sql injection but the company did not give me money
I made a script to test all the parameters and if the html filter looks inconsistence my script would automatically notify me. So xss as easy as this one would most of the time be already exploited by other researchers so in my opinion people should learn advanced techniques such as xss via parameter pollution etc. obviously if your sole purpose of bug bounty is just money and not improvement then you can just use a google dork and test it on some porely made website like in this video
Can you share your script ?
@@meghantashi the way you use it is with -p option send special characters with unique identifier and check their reflection to determine whether there is html encoding in place or not. e.g. (rxss -i hosts.txt -p "z3nshell>")
Today I got this type of xss attack and no reflection but stored in view source page search field codes. I was confused, but i do not perform multiple tym... finally i got this video. I'll attack again on tomorrow
I think this is a Rate Limiting issue not a Race Condition
can i get the payload bro?
github.com/payloadbox/xss-payload-list/blob/master/Intruder/xss-payload-list.txt
@@bugbountypoc395 Can you tell me which payoad did you use among the list. keep sharing thank you
What about the payload example?
This payload is made for testing HTML injection, cross-site scripting, SQL injection, and SSTI in a single payload.
@@bugbountypoc395 I want to know what the payload example looks like🤔 To complete my tools
@@bugbountypoc395wth , so many vulnerability
@@user-41044 ssti {{2*10}} = 20
any bounty bro ?
1 year subscription
What are examples of these payloads?
😢😢😢
most companies dont accept race vulnerabilities these days unless it has a high or critical severity
sukuna 💀
only inspect element ma n1664
esclate to account take over bro
Race condition or no rate limate?
both
Drop your insta ID bro
What's the security impact?
Simply send to intuder try with null payload
Short but impactful I love it!!
helpfull info for race condition in like ,
thanks ❤❤
Any bounty?
@@abhinavbansal9396 $$$
@@bugbountypoc395 how much u got?
Hey Brother, I'm new to bug bounty, could you give me some tips, you seem to know a lot?
join my telegram channel
@@bugbountypoc395link?
Very nice
Nicee one
thank you❤❤
Is it solved
yes
🎉🎉❤❤
Can I communicate with you via Instagram or Twitter?
of course why not
Can I communicate with you via Instagram or Twitter?
What is the impact?
I've also experienced this on other websites and there are no prizes😂
it's too short buddy.. you should make it longer
Bussiness logic error. Price manipulation
No bounty 😭
awesome bro, how much $ you got rewarded?
Do you have tips for hunting idor vulnerability?
check telegram
They paid for you?
duplicate
@@bugbountypoc395 give me your twitter
is it solved
do you got bounty
nah duplicate
I always getting duplicates, what should we do @@bugbountypoc395