✉️ Sign up for the mailing list ✉️ https://mailing.bugbountyexplained.com/
Sign up for Intigriti: https://go.intigriti.com/bbre


Get $100 in credits for Digital Ocean
https://m.do.co/c/cc700f81d215

This video is an explanation of a bug bounty report by Harsh Jaiswal and Rahul Maini that resulted in an RCE (Remote Code Execution) in Apple's bug bounty program. The vulnerability was a 0-day in Lucee server. It was later assigned CVE-2021-21307.

✎Sign up for Pentesterlab from my referral✎
https://pentesterlab.com/referral/Vtch_7hLg32TqA

Report:
https://github.com/httpvoid/writeups/blob/main/Apple-RCE.md

Reporters' Twitter:
https://twitter.com/rootxharsh
https://twitter.com/iamnoooob

Follow me on Twitter:
https://twitter.com/gregxsunday

Commit with the fix:
https://github.com/lucee/Lucee/commit/6208ab7c44c61d26c79e0b0af10382899f57e1ca

Timestamps:
00:00 Intro
00:21 Intigriti – the sponsor of this video
00:59 Lucee server
02:41 The “easy” RCE
04:30 Bypassing Apple WAF
06:18 The exploit step-by-step
08:40 The reward and the fix

#RCE #CVE-2021-21307
