IDOR with EXIF Vulnerability | Bug Bounty POC
- Published on 29 Sep 2024
- #hacker #hack #hackers #hacking #bountytool
#hackingtools #bugbountytool #programming
#python
#coder #bugbountypoc #bugbountyhunting #cybersecurity
#ethicalhacking #openbugbounty
#educationalfuzzer #bruteforce #bugbounty
#bugcrowd #hackerone
#eductionalvideo
#informationtechnology #informationsecurity
what does exif have anything to do with vuln 😭, it's obv any media will have metadata.. IDOR is crazy tho
it's the impact, it would be interesting to test other headers here
so EXIF was for making the IDOR more dangerous, actually you increased the impact of the vulnerability by showing that you can find the victim's location
that was nice, I enjoyed it
I always start with subdomain enum. Anyone smarter suggest better methodology? Thx. Also, sweet vid.
اخلا دار بوه
Did they accept this bug and give you any bounty?
I got 500$ for it
yes
no impact
cool
nice
No impact
can u tell me why no impact? since there's no access control on viewing another user's data
@g0l0kget The data being viewed is already public and has no impact on the user or platform.
@thechannelofmine I see, so there's only impact if he can change another user's details. Is that it? Sorry, I'm still learning
@g0l0kget no, not only change, you need to GET sensitive user information, not public information.
@thechannelofmine I see, okay, thanks