A Double-Edged SSRF, Pritunl VPN LPE, and a NodeBB Vuln [Bug Bounty Podcast]




Quick bounty episode this week with some request smuggling, abusing an SSRF for client-side impact, a weird OAuth flow, and a desktop VPN client LPE.

Links and vulnerability summaries for this episode are available at: https://ift.tt/Ezi4oMp

[00:00:00] Introduction
[00:00:28] HTTP Request Smuggling on business.apple.com and Others
[00:06:25] Exploiting a double-edged SSRF for server and client-side impact
[00:14:47] Local Privilege Escalation in Pritunl VPN Client [CVE-2022-25372]
[00:20:27] A NodeBB 0-day

The DAY[0] Podcast episodes are streamed live on Twitch twice a week:
- Mondays at 3:00pm Eastern (Boston) we focus on web and more bug bounty style vulnerabilities
- Tuesdays at 7:00pm Eastern (Boston) we focus on lower-level vulnerabilities and exploits.

The audio-only version of the podcast is available on:
-- Apple Podcasts: https://ift.tt/lB7iX9K
-- Spotify: https://ift.tt/HqfbyDh
-- Google Podcasts: https://ift.tt/xjhmwko
-- Other audio platforms can be found at https://ift.tt/bQl2C0R

You can also join our Discord: https://ift.tt/XxRqHpV
Or follow us on Twitter (@dayzerosec) to know when new releases are coming.

