8/10
bug-bounty
A bug bounty hunter discovered unauthenticated Remote Code Execution via an HTTP PUT method on a staging web service running on a non-standard port, enabling file upload of a PHP web shell. The RCE was leveraged to gain a reverse shell, traverse the internal network using discovered zone transfer files, and achieve lateral movement to other systems using weak credentials embedded in system files.
remote-code-execution
http-put-method
web-shell
reverse-shell
unauthenticated-access
subdomain-enumeration
port-scanning
internal-network-traversal
credential-stuffing
zone-transfer
php-web-shell
netcat
nmap
bash-shell
privilege-escalation
lateral-movement
bug-bounty-writeup
nmap
netcat
ncat
OPTIONS
PUT
phpinfo