Back to directory
WRITEUP #5433

Old but GOLD Dot Dot Slash to Get the Flag — Uber Microservice

SSRFPath traversalAccount takeover
by@ngalongc(Ron Chan)
Program
Uber
Published
Apr 7, 2019
Added to HackDex
Sep 15, 2022
Read Full Writeuphttps://ngailong.wordpress.com/2019/04/07/old-but-gold-dot-dot-slash-to-get-the-flag-uber-microservice/amp/
RELATED WRITEUPS
Directory Traversal, SQL Injection and Server-Side Request Forgery
SQL InjectionPath traversal
Shelltorch Explained: Multiple Vulnerabilities in Pytorch Model Server (Torchserve) (CVSS 9.9, CVSS 9.8) Walkthrough
AI / LLMAI
Interesting Story of an Account Takeover Vulnerability
Auth BypassAccount takeover
Self-XSS to ATO via Site Features
XSSSelf-XSS
IIS welcome page to source code review to LFI!
SSRFLFI

Built with ❤️ by Shubham Rawat