Sign up for Intigriti: https://go.intigriti.com/bbre
? Get $100 in credits for Digital Ocean ?
https://m.do.co/c/cc700f81d215
This video is an explanation of a bug bounty report by Harsh Jaiswal and Rahul Maini that resulted in an RCE (Remote Code Execution) on Apple bug bounty program. The vulnerability was a 0-day in Lucee server. It was later assigned the CVE-2021-21307.
✎Sign up for Pentesterlab from my referral✎
https://pentesterlab.com/referral/Vtch_7hLg32TqA
Report:
https://github.com/httpvoid/writeups/blob/main/Apple-RCE.md
Reporter’s twitter:
https://twitter.com/rootxharsh
https://twitter.com/iamnoooob
Follow me on twitter:
https://twitter.com/gregxsunday
Commit with the fix:
https://github.com/lucee/Lucee/commit/6208ab7c44c61d26c79e0b0af10382899f57e1ca
Timestamps:
00:00 Intro
00:21 Intigriti – the sponsor of this video
00:59 Lucee server
02:41 The “easy” RCE
04:30 Bypassing Apple WAF
06:18 The exploit step-by-step
08:40 The reward and the fix
#RCE #CVE-2021-21307
Add comment