This is well done and documented. Keep it up!
Thanks a lot, Cristi, I appreciate the support, I'm a big fan btw ❤️
Dude, this video is really mind-blowing, because I searched a lot of videos and writeups and still didn't understand the concept. When you teach this, damn. I am really happy to say that I understand this concept, thanks man. I really appreciate your hard work.
I appreciate that, my friend. Glad you liked it
I am very impressed by your explanation and the experience you just shared with hunters. Awesome job. Please make more content like this.
High quality video. Thank you for taking the time to share and educate others!
This is some of the best bug bounty and web app hacking content on the whole of youtube.
Damn now i got to know how DNS rebinding works Thanks buddy very well explained :)
This is awesome man. Well done! Never knew about DNS rebinding, and you explained it so well. Subbed.
Man your explanation level is top notch. I hope you will make more PoC explanation videos like this.
This was a very well done video. Extremely clear, well thought out and engaging. Please make more!!
This is one of the best explained bug bounty videos on YouTube. Keep it up man! I subscribed
Pure gold, brother! Thank you so much for this content.
I learned A LOT of new things from this video alone!! WOW! JUST WOW!! AMAZING! AMAZING! AMAZING!
Excellent explanation and straight to the point.
Others would spend 30min rambling.
Well done 👏
amazing and the perfect explanation I've seen till now on a ssrf thanks 🙂
You are doing great work for the community, thanks for the detailed explanation video.
Mind blown! Can’t wait to test in on my client tomorrow.
Awesome finding bro!! Please increase your volume, it'll be really helpful. Thanks
Very well made and well-documented video. Thank you for sharing! Subscribed :)
The best PoC BB walkthrough I ever watched!
Amazing video...Please create more content!
Great demonstration and explanation. 💥
Just like in this video, do make sure you explain every little detail so that everyone, not just pro hackers, understands the thing. Awesome video. Subscribed!!
Please keep up this detailed explanation in future too😃
Awesome video!!
Thank you, I will
thank you, finally some good videos of bugs you can actually find today
Thank you so much, brother. You are awesome. Thank you so much
Awesome job! Thank you for creating such a great quality video and sharing all that content. Amazing work. Please keep it up, bringing subscribers!
Awesome break down. Great video editing. Look forward to more videos. New sub 😀
Thanks man. I have learnt a lot from this video. I am looking forward to learning more from you.
More to come, stay tuned :D
Next level amazing we need more
Super and clear explanation 👌
Great demonstration and explanation with real world example🎆
what a great explanation of a really brilliant approach
you are so cool in explaining thank you brother
Glad it was helpful! :D
I know this is maybe a while after this video was posted, but you are extremely clever and make it easy to deliver the content. Keep up the good work, dude.
Thanks, will do
Great work. Subscribed!
OH WOW , this is amazing bro keep it up
now that's a quality writeup.
Thank You
Amazing work and very well explained! thanks for sharing
Your content is amazing, thanks for sharing. Subscribed.
Thank you, my friend
This is awesome content. So informative. Subscribed.
Can you please make more videos like this 😍😍😍 first time on YouTube
Always learning something new from you. Keep going.
Thank you, my friend, for all this information, it is really refreshing
Awesome, i love the way u explained it
Great, very well explained. If every YouTube channel explained like this, we would be elite hackers. I recommend that you do Udemy courses on bug bounty with this kind of lab.
keep it up bro!! very interesting content
Thanks, will do!
You’re amazing dude, thanks and much appreciate your clarification 🖤🚀
Thank you so much for this great stuff...We are learning bugs also learning programming and how we can create our own scripts ❤️❤️thanx sir
You're welcome, glad to help ❤️
As always great.. please start some good bug bounty series which are not usually available on yt..many would love to learn from you
will do, stay tuned :)
@LeetCipher 😊
Awesome explanation, thanks for sharing 💛
Very nice video man keep them up please I love them 😍
Thanks bro for the wonderful video. We need more from you.
Thanks, man, stay tuned for future videos :)
amazing content bro keep it up
Nice find and great job 👍😎
Man such a great video , super detailed..thanks ;)
Bro what's your linkedin? :)
Awesome breakdown. Thank you.
Excellent content brother, thank you very much for your time.
You're welcome, my friend
this video is gold! subscribed :D
Hard-work pays off 🧑💻
Awesome Content . You deserve more subscribers 😊 ❣️.
Thanks, my friend, appreciate that ❤️
The way you explained 🔥🔥🔥
Awesome explanation. 🥳
Very detailed video. Learned a lot. Thank you so much.
Please post a video about learning path as well. What are all the things we need to learn to hack like you?
will do very soon, stay tuned :)
Nice One !! Learned something new !!
Bro you are pro ❤️❤️❤️❤️❤️
Also energetic ❤️
Thank You, bro, I appreciate it ❤️
@LeetCipher ❤️❤️
That was awesome man ❤️😘❤️💓
This is great , love it !
so cool! thanks for sharing
Really nice way of explaining. Thanks
glad you liked it :)
Good explanation , Happy hacking
very good explanation
Awesome channel bro.
Thank you, my friend ❤️
Excellent explanation 👌
love u bro i m new here
Great video. I have a query: how did you find out it's using a reverse proxy? Because it's not shown in Wappalyzer, no?
Keep doing dat 😍😍😍😍❤️❤️❤️❤️
Awesome explanation
What is the difference? When you checked IDOR with the uuid it failed, and then when you used the uuid from DNS rebinding it succeeded?
Because when we used DNS rebinding to bypass the SSRF protection, we were accessing everything from localhost, and privileges from there are not the same.
Thanks. Keep adding this kind of video. It's very useful, especially for a noob like me
Awesome explanation👏
😮 DNS rebinding, I'm not familiar with that 🎉🎉
Amazing video. Thanks.
Hello bro, should I learn PHP for web security or Python?
I would recommend learning both.
Great, amazing ,superb !!
Another sick video 🙏 you should start a discord 👨💻
It's on my todo list :D
nice job, man!
Quick question: in the file_url field, wouldn't a collaborator URL work just like the Google DNS one did? If not, why?
Yes, that's exactly my thought as well. I think maybe he failed to mention that normally it should work
Good content. keep going
This is quality stuff man.
What are all the things you check if it was a blind SSRF? (advanced methods only)
Try DNS exfiltration, it works most of the time because WAFs rarely block UDP in-bound or out-band traffic. Try to test for it in conjunction with any collaborator you have access to
amazing 🔥🔥🔥🔥
You are just awesome ❤
Thanks, man, appreciate that ❤
Great Content!
You are awesome mate
appreciate that, my friend, Thanks ❤️
You are legend bro
Very nice explanation......
This is amazing.
Nice explanation
Thanks
Can you link your report, if it is already disclosed publicly?
I wish I could, but unfortunately it's not publicly disclosed since it's related to a private BB program. I have explained all details regarding the vulnerability in the lab, so check that out if you still haven't.
Wow dude just wow
How do you get that uuid parameter? In the first request it was the user_uuid parameter.