Full case study: http://members.bugbountyexplained.com/rce-where-to-look-for-them-rce-case-study/
Subscribe to BBRE Premium: https://bbre.dev/premium
✉️ Sign up for the mailing list: https://bbre.dev/nl
Follow me on Twitter: https://bbre.dev/tw

This video is part of an RCE case study in which I studied 126 disclosed RCE bug bounty reports to learn how people are actually making money with RCEs. In this video, I go through the different functionalities in which RCEs were common.

Videos:
https://youtu.be/jvbv12zztFw
https://youtu.be/Xb2RMtj9qTA
https://youtu.be/YYLqzj5-N7w
https://youtu.be/ClnVdYf4PK0
https://youtu.be/0GxsUS1P5xs
https://youtu.be/zFHJwehpBrU

Timestamps:

00:00 Intro
00:27 Imports/Sharing
2:36 Other
3:50 File uploads
6:56 Authentication
8:59 High-privilege functionality
10:43 Cloud
11:35 Templates
12:41 SQL query
13:17 Installing packages
15:44 0day
16:38 Image processing
18:14 Executing commands/code
20:25 SMTP/DB configuration
21:29 Making requests
23:14 Headless browser
