uhmm so here's a short context about the POC : I was manually testing the site for blind SSRF and then burp bounty notifies me that it is vulnerable to time based sqli... :)
As far as my understanding goes, it basically is a cybersecurity attack. It works by manipulating what the client machine (you as a user entering a website, for example) sends to the server machine ( the machine that controls the website) to execute commands in the database at will. In this particular case, a time based command execution of waiting for x time to respond.
bro how did you burp scan for vulnerabilities and notify you can you elaborate it. Thanks
I use burp bounty for fun
this program doesn't respond.. found multiple bugs in it
can you explain what this is about?
As far as my understanding goes, it basically is a cybersecurity attack. It works by manipulating what the client machine (you as a user entering a website, for example) sends to the server machine ( the machine that controls the website) to execute commands in the database at will. In this particular case, a time based command execution of waiting for x time to respond.
When i use burp with https, all infor was hashed, can u tell me how to fix it 😬
Is this burp bounty pro extension cracked or did you actually buy it? if so, please send me the link
chelsy was here
hahaha Bai
hey bro can you share your burpsuite pro link so that I can download your burpsuite
Bro how did you found that target? I mean is it by dorks or something??
dork
is sqli work on cookie side ?
works
@@bambangsutrisna5006 any random cookies ? Example: will every session cookie side work ?
So they were putting cookie value in sql statement?
SQLi via cookie
What burp extension do you use?
burp bounty
Why only 100 ?
Because he is not exploited
🎉
What is your twitter?
How do I contact you?
Facebook