9 min
From a lame SSRF to a full $4000 RCE Hack for Fun and Profit
-
- How To
Hello ethical hackers and bug bounty hunters! Welcome to this bug bounty write-up where I show you how I found a Server-Side Request Forgery vulnerability (SSRF). Then, I will explain how I was able to escalate it to obtain a Remote Code Execution (RCE). Finally, you will see how it is possible to gain a full SSH shell on the vulnerable server.
If all this seems intimidating for you, let me tell you that shouldn’t be; just make sure you stick with me until the end. I promise you are going to learn many things today!
Read more on https://thehackerish.com/bug-bounty-write-up-from-ssrf-to-4000/
Download your FREE Web hacking LAB: https://thehackerish.com/owasp-top-10-lab-vm-free
Facebook Page: https://www.facebook.com/thehackerish
Follow us on Twitter: https://twitter.com/thehackerish
Hello ethical hackers and bug bounty hunters! Welcome to this bug bounty write-up where I show you how I found a Server-Side Request Forgery vulnerability (SSRF). Then, I will explain how I was able to escalate it to obtain a Remote Code Execution (RCE). Finally, you will see how it is possible to gain a full SSH shell on the vulnerable server.
If all this seems intimidating for you, let me tell you that shouldn’t be; just make sure you stick with me until the end. I promise you are going to learn many things today!
Read more on https://thehackerish.com/bug-bounty-write-up-from-ssrf-to-4000/
Download your FREE Web hacking LAB: https://thehackerish.com/owasp-top-10-lab-vm-free
Facebook Page: https://www.facebook.com/thehackerish
Follow us on Twitter: https://twitter.com/thehackerish
9 min