I have access to companies internal files through SSRF and Path traversal both but want to leverage it further to website takeover

Çağlar Arlı - 12 Views

I have access to companies internal files through SSRF and Path traversal both but want to leverage it further to website takeover

I have access to companies internal files through SSRF and Path traversal both but want to leverage it further to website takeover. Thus I can increase the impact and get more bounty then what they will pay now.

I have access to files like

/etc/passwd
/etc/hosts etc

similarly for SSRF - 127.0.0.1:22 , 127.0.0.1:25

this are the endpoints which I though might be sensitive and can give me info to takeover website.

is there anything more I should look for?

And they don't have any upload file or system where I can upload my .php shell, so its been days I am just stuck here:(

P	S	Ç	P	C	C	P
				1	2	3
4	5	6	7	8	9	10
11	12	13	14	15	16	17
18	19	20	21	22	23	24
25	26	27	28	29	30	31

Annanowa

I have access to companies internal files through SSRF and Path traversal both but want to leverage it further to website takeover

I have access to companies internal files through SSRF and Path traversal both but want to leverage it further to website takeover

Son Yazılar

Son Yorumlar