Back to directory
WRITEUP #2892

From Recon via Censys and DNSdumpster, to Getting P1 by Login Using Weak Password – “password”

OtherWAF bypassWeak credentials
by@YokoAcc(YoKo Kho)
Bounty
2,500
Program
-
Published
Mar 14, 2022
Added to HackDex
Sep 15, 2022
Read Full Writeuphttp://www.firstsight.me/2022/03/from-recon-via-censys-and-dnsdumpster-to-getting-p1-by-login-using-weak-password-password/
RELATED WRITEUPS
Data Theft in Salesforce: Manipulating Public Links
OtherSOQL injection
When Certificates Fail: A Story of Bypassed MFA in Remote Access
Other2FA / MFA bypass
SSTI in Bug Bounty Program: The Time I Played with Handlebars and Broke Stuff
OtherSSTI
Ghost In The Ppl Part 1: Byovdll
OtherUse-After-Free
Part 2: From Byovdll To Arbitrary Code Execution In Lsass
OtherUse-After-Free

Built with ❤️ by Shubham Rawat