IT-Securityguard Blog

09/08/2016
nach Patrik
6 Kommentare

[BugBounty] Decoding a $đŸ˜±,000.00 htpasswd bounty

tldr; A Private Bug Bounty Program had a globally readable .htpasswd file. I cracked the DES hash, got access to development and staging environments and was rewarded a shitload of$. [Tools used] dirbuster https://www.owasp.org/index.php/Category:OWASP_DirBuster_Project John http://www.openwall.com/john/ [\Tools used] Today I want to … Weiterlesen