Please, if possible, cover these advanced topics like How to bypass Drupal CMS or other secured CMS? How to bypass HARD WAF protection that stops HTML, SQL, and XSS injection payloads? Payload single-double-triple encoding using Cyber-Chef? How to find the real origin IP of secured websites behind Cloudflare, Akamai, ModSecurity, AWS CDN, etc.,? How to bypass Hard WAF using SQLMAP or Burpsuite? How to find hidden, vulnerable parameters and endpoints inside the .js and .jason files? How to find hidden admin pages, cPanel pages, and WHM pages ? Please cover these important topics. Thanks
I have to inject on them bro. Firstly i fetch the apk then i have to find firebase link without the was without (.json) like domaim.firebaseio.com/(here i put the .json) and then i see the data is nothing like the website will give the null i have to put them my data and check right permissions is there or not. After successfully exploit it's means i have a read and write permission. The three columns are created by me to inject the data
Just Decompile the Apk and Check the strings.xml file on it and search firebase link. That's Link look like without /.json then put it on the url and check it.
Please, if possible, cover these advanced topics like How to bypass Drupal CMS or other secured CMS? How to bypass HARD WAF protection that stops HTML, SQL, and XSS injection payloads? Payload single-double-triple encoding using Cyber-Chef? How to find the real origin IP of secured websites behind Cloudflare, Akamai, ModSecurity, AWS CDN, etc.,? How to bypass Hard WAF using SQLMAP or Burpsuite? How to find hidden, vulnerable parameters and endpoints inside the .js and .jason files? How to find hidden admin pages, cPanel pages, and WHM pages ? Please cover these important topics. Thanks
Great bro, today i learn new trick ❤❤❤
thanks Bro
Great
🙏
thank you
🙏🔥🔥
What a song❤❤❤❤🎉🎉🎉
Tnx bro ❤❤❤❤🎉
😎
I want ask u how to bypass WP security hardening with sqlmap?
Oky i will try to make it.
Bro which is your main account?
Telegram channel ki link expire hai, update kro
Thanks for the confirmation Updated bro
how did you find that there are these 3 databases : name , email and role?
Boss please watch carefully the video.
@@THEBBH not getting it, pls explain that how did you find out that there are these 3 tables ?
I have to inject on them bro. Firstly i fetch the apk then i have to find firebase link without the was without (.json) like domaim.firebaseio.com/(here i put the .json) and then i see the data is nothing like the website will give the null i have to put them my data and check right permissions is there or not. After successfully exploit it's means i have a read and write permission. The three columns are created by me to inject the data
Works only on Firebase url like there are several /.json files ?? And how did you find the url what tool you used??
I think he using google dork
It same like you wanna deface PoC RFI, the dork find directory upload, but on this case, this guy using like inurl: firebase/.json or something else
No buddy that's the apk file. 😂
Yes, when yo do the pentesting on apk app then this is the first thing you need to check
It's not fixed yet, how you make the poc public?
I already have permission to make videos on it.
Can you pass the new telegram link? thx
t.me/+RYXyf9wY3BIzOWNl
telegram invite link expired
t.me/+RYXyf9wY3BIzOWNl
How you got firebase?
Just Decompile the Apk and Check the strings.xml file on it and search firebase link. That's Link look like without /.json then put it on the url and check it.
Are u full time bug hunter ?
Nope Bro.
Invite link for telegram - expired
t.me/+RYXyf9wY3BIzOWNl
Great
🙏