bug-bounty448
google356
microsoft314
facebook264
xss238
apple180
malware175
rce149
exploit127
bragging-post101
cve99
account-takeover93
phishing83
csrf79
privilege-escalation77
stored-xss65
supply-chain65
authentication-bypass63
dos60
reflected-xss57
browser57
react50
cloudflare49
input-validation48
cross-site-scripting48
reverse-engineering48
access-control47
docker46
aws45
smart-contract45
node44
ethereum43
web343
defi42
web-security42
sql-injection42
web-application41
ssrf38
burp-suite35
idor34
vulnerability-disclosure34
info-disclosure34
race-condition33
html-injection33
buffer-overflow33
writeup32
cloud32
oauth32
smart-contract-vulnerability32
information-disclosure30
0
8/10
A detailed writeup of a multi-stage attack chain exploiting WAF bypass via DNS enumeration to discover origin server IP, leveraging LFI to bypass Cloudflare, then escalating to SSRF by bypassing Nginx web cache (using query string manipulation), and finally extracting AWS credentials from instance metadata. The attacker discovered that Nginx cache rules didn't account for query parameters, allowing cache bypass via appending '?' to metadata API calls.
waf-bypass
cloudflare-bypass
lfi
ssrf
aws-credentials
web-cache-bypass
nginx-cache
instance-metadata
dns-enumeration
origin-ip-disclosure
privilege-escalation
multi-stage-attack
Avinash Jain
logicbomb
Cloudflare
AWS
Nginx
CVE-2019-XXXX (instance metadata exploitation)