WRITEUP #5311

Using Burp Suite match and replace settings to escalate your user privileges and find hidden features

RCEClient-side enforcement of server-side security

by@jon_bottarini(Jon Bottarini)

Bounty

500

Program

New Relic

Published

Jun 17, 2019

Added to HackDex

Sep 15, 2022

Read Full Writeuphttps://www.jonbottarini.com/2019/06/17/using-burp-suite-match-and-replace-settings-to-escalate-your-user-privileges-and-find-hidden-features/

▸ RELATED WRITEUPS

Vulnerabilities in Open Source C2 Frameworks

RCEOS command injection

[2,500$ Bug Bounty Write-Up] Remote Code Execution (RCE) via unclaimed Node package

RCEDependency confusion

Attacking PowerShell CLIXML Deserialization

DeserializationInsecure deserialization

Zero-Click Calendar invite — Critical zero-click vulnerability chain in macOS

RCEArbitrary file write

We Spent $20 To Achieve RCE And Accidentally Became The Admins Of .MOBI

RCETLD hacking

Built with ❤️ by Shubham Rawat