Subscribe to BBRE Premium: https://bbre.dev/premium
✉️ Sign up for the mailing list: https://bbre.dev/nl
Follow me on Twitter: https://bbre.dev/tw
This video is part of an RCE case study where I studied 126 disclosed RCE bug bounty reports to learn how people are actually making money with RCEs. In this video, I go through the different functionalities in which RCEs were common.
Videos:
https://youtu.be/jvbv12zztFw
https://youtu.be/Xb2RMtj9qTA
https://youtu.be/YYLqzj5-N7w
https://youtu.be/ClnVdYf4PK0
https://youtu.be/0GxsUS1P5xs
https://youtu.be/zFHJwehpBrU
Get $100 in credits for Digital Ocean: https://bbre.dev/do
Timestamps:
00:00 Intro
00:27 Imports/Sharing
02:36 Other
03:50 File uploads
06:56 Authentication
08:59 High-privilege functionality
10:43 Cloud
11:35 Templates
12:41 SQL query
13:17 Installing packages
15:44 0day
16:38 Image processing
18:14 Executing commands/code
20:25 SMTP/DB configuration
21:29 Making requests
23:14 Headless browser