WRITEUP #4876

How to hack a company by circumventing its WAF through the abuse of a different security appliance and win bug bounties

RCE

by@redtimmysec(Red Timmy Security)

Program

Published

Feb 16, 2020

Added to HackDex

Sep 15, 2022

Read Full Writeuphttps://www.redtimmy.com/web-application-hacking/how-to-hack-a-company-by-circumventing-its-waf-through-the-abuse-of-a-different-security-appliance-and-win-bug-bounties/

▸ RELATED WRITEUPS

Vulnerabilities in Open Source C2 Frameworks

RCEOS command injection

[2,500$ Bug Bounty Write-Up] Remote Code Execution (RCE) via unclaimed Node package

RCEDependency confusion

Attacking PowerShell CLIXML Deserialization

DeserializationInsecure deserialization

Zero-Click Calendar invite — Critical zero-click vulnerability chain in macOS

RCEArbitrary file write

We Spent $20 To Achieve RCE And Accidentally Became The Admins Of .MOBI

RCETLD hacking

Built with ❤️ by Shubham Rawat