dawgyg
1 of 7 Millionaire Hackers thanks to Bug Bounty Hunter, Reformed Blackhat, Synack Red Team Member, Nissan Skyline Collector
3,492 Tweets
1,036 Following
15,537 Followers
dawgyg 5 h
Replying to @yghonem14
On HTTP/0.9 you don't need a host header at all. I have found in the past when you have a target testing the host you're trying to hit and matching it with the host header, this can make it allow the request through. Haven't seen the code directly, but has worked 10x+ on Verizon
dawgyg 5 h
Replying to @HossamSec
On HTTP/0.9 you don't need a host header at all. I have found in the past when you have a target testing the host you're trying to hit and matching it with the host header, this can make it allow the request through. Haven't seen the code directly, but has worked 10x+ on Verizon
dawgyg 5 h
When testing for SSRF, change the HTTP version from 1.1 to HTTP/0.9 and remove the host header completely. This has worked to bypass several SSRF fixes in the past.
dawgyg 5 h
Replying to @hardweired
Let me know how it does. Also check for things like following directs, can help to get to internal hosts at times
dawgyg 7 h
Replying to @hardweired
Even tho it is blind. Sometimes it can be hard to make a program understand that being able to discover internal web services that can then be attacked by testing various public exploits until you get one that works etc. is still a problem and needs to be addressed.
dawgyg 7 h
Replying to @hardweired
It can be really hard to increase the impact as blind. But the best thing to do is try to port scan local loopback, or internal network. Find applications, but then you have to argue the point that you can send requests, so you can technically attack those internal systems etc
dawgyg Feb 2
Replying to @BovadaOfficial
well over
dawgyg retweeted
Bovada Feb 2
Like, RT and tell us what you think for your chance to win $54! How many rushing yards will Damien Williams have? Over 51.5
dawgyg Feb 2
Replying to @BentleyAudrey
reading the caption made me laugh out loud lol
dawgyg Feb 2
Replying to @Sp_L_aT
It was done on the Nintendo Switch, bought a brand new game. I'll contact them directly
dawgyg Feb 2
Replying to @Sp_L_aT
I'm worried about the police getting involved. Don't want that to happen. So you think would be possible without them getting told?
dawgyg retweeted
dawgyg Jan 24
Looking forward to speaking alongside and about our different approaches to recon at 's RSA event on Feb. 24th in SF! Join us:
dawgyg Feb 2
Replying to @ITGuyDennis @ShMalav
That's what his mom wants to do to make him earn the money to "pay me back"
dawgyg Feb 2
Replying to @dark_warlord14 @ShMalav
His mom is my daughter's mom. We already talked about it and gonna handle tomorrow
dawgyg Feb 2
Replying to @rabbithunting1 @kevv254
Lol
dawgyg Feb 2
Replying to @GonzoHacker
Pico lol
dawgyg Feb 2
Replying to @shortxstack
How about pico? Lol
dawgyg Feb 2
Replying to @dark_warlord14 @ShMalav
He's not my kid. But I already buy him everything he wants, just so it doesn't look like I love my daughter more than his parents love him because I spoil her with everything she could want. So I try to make sure it's all fair etc. Which is one of the reasons I'm so mad about it
dawgyg Feb 2
Replying to @d0nutptr @ShMalav
I deff appreciate your input. I got mad respect for you, parent or not. So thanks!
dawgyg Feb 2
Replying to @ShMalav
I did similar stuff when I was a kid. And wasn't punished for the most part. So want to make sure it's something stern enough so he doesn't keep going a route like I did as a kid