NEW BOT Телеграм, страница - 867341783

BugBounty & Hacking Resources

1.17K subscribers

21 photos

2 videos

5 files

361 links

Download Telegram

About

Blog

Apps

Platform

BugBounty & Hacking Resources

1.17K subscribers

BugBounty & Hacking Resources

CVE-2025-64484

oauth2-proxy:
A reverse proxy that provides authentication with Google, Azure, OpenID Connect and many more identity providers.

باگش این بوده که هدر های X-Forwarded-* رو اتکر میتونسته اسماگل کنه.
سرویس oauth2-proxy این دوتا هدر رو جدا در نظر میگرفته:


X-Forwarded-User
X_Forwarded-User

خب حالا چه اتفاقی میوفته؟
زمانی که این درخواست سمت اپلیکیشن های مثل (nginx, Envoy, Rails) میره, این اپلیکیشن ها هدر X_Forwarded-User رو نرمالایز میکنن و تبدیل میشه به X-Forwarded-User و اگه دوتا هدر شبیه هم وجود داشته باشه پایینی رو در نظر میگیرن که همون هدر اسماگل شده ی اتکر هستش

Report Detail
https://gist.github.com/N3mes1s/a1144f6a546600d8f34babf35976b9c5

Oauth2-Proxy
http://github.com/oauth2-proxy/oauth2-proxy

OAuth2 Proxy underscore header smuggling (CVE-2025-64484 / GHSA-vjrc-mh2v-45x6)

OAuth2 Proxy underscore header smuggling (CVE-2025-64484 / GHSA-vjrc-mh2v-45x6) - CVE-2025-64484.md

❤10🔥3

969 views| | Sharo K h | |, 14:10

BugBounty & Hacking Resources

Unlocking Reflected XSS in the Astro framework

https://zhero-web-sec.github.io/research-and-things/unlocking-reflected-xss-in-the-astro-framework

zhero_web_security

Unlocking Reflected XSS in the Astro framework

❤7

947 views| | Sharo K h | |, 16:29

BugBounty & Hacking Resources

https://bugbountydaily.com/

Bug Bounty Daily

The ultimate reading list for bug bounty hunters. Discover curated articles and resources, track your progress, and stay ahead in cybersecurity.

❤9

1.04K viewsᴍͥᴏᴇͣɪͫɴ, 14:14

BugBounty & Hacking Resources

https://x.com/slonser_/status/1992913762333168052?s=46

X (formerly Twitter)

slonser (@slonser_) on X

Today I discovered an SQLi vulnerability in a PostgreSQL application where the injection point was path-based with strict length restriction (32 chars). Spaces, slashes, quotes, and parentheses e.t.c. resulted in a 400 Bad Request error and the path wasn't…

3❤2👍2

802 viewsMeydi, 21:19

BugBounty & Hacking Resources

https://x.com/Jayesh25_/status/1725429962931335599

X (formerly Twitter)

Jayesh Madnani (@Jayesh25_) on X

Bug Bounty Tips: 🐛🔐 Unlocking Important Resources with Email Verification Bypass

Working on a target where email verification is crucial? Imagine a scenario where gaining access to a specific domain, like example[.]com, could grant you entry into a victim's…

❤2

614 viewsSepehr, 20:48

BugBounty & Hacking Resources

https://x.com/_jensec/status/1292846852010721280

X (formerly Twitter)

Jenish Sojitra (@_jensec) on X

#bugbountytips #bugbounty
How I was able to find multiple critical vulnerabilities to get Full Account Takeover with the help of PlayStore and AppStore region settings.

❤2

604 viewsSepehr, 20:48

BugBounty & Hacking Resources

https://lab.ctbb.show/research/write-path-traversal-to-RCE-art-department

Critical Thinking - Bug Bounty Podcast

Write Path Traversal to a RCE Art Department

Abusing Write Path Traversal for Living Off the Land Remote Code Execution

❤3

544 viewsSepehr, 20:48

BugBounty & Hacking Resources

https://blog.criticalthinkingpodcast.io/p/hackernotes-ep86-xcorrelation-frans-rce-research-drop

Critical Thinking - Bug Bounty Podcast

[HackerNotes Ep.86] The X-Correlation between Frans & RCE - Research Drop

Frans Rosen and Justin sit down to discuss and drop gold on X-correlation injection, with impacts and POCs ranging from JSON injection to RCE.

❤6

649 viewsSepehr, 20:48

BugBounty & Hacking Resources

https://x.com/zseano/status/1995585425856147840

X (formerly Twitter)

zseano (@zseano) on X

akamai waf is SO fun to fuck with. managed to bypass it with this in a JSON request (which then saved my input and output it on another endpoint)

{"ID":'0<h2 onpointerrawupdate="/*','*/prompt``">':"xss"

using onpointerrawupdate=' got blocked by waf. but…

❤3

497 viewsAbolFazl, 20:24

BugBounty & Hacking Resources

https://blog.mirzadzare.net/from-log-in-with-oauth-to-your-account-is-mine-desktop-app-edition

Blog | Mirzadzare (Spix0r)

OAuth Vulnerabilities in Desktop Apps

Security flaw in desktop app OAuth allows account takeover with malicious links. Understand attack steps, why it works, and fix strategies

❤7

710 viewsSepehr, 20:38

BugBounty & Hacking Resources

InQL New Version

https://github.com/doyensec/inql/releases/tag/v6.1.0

❤3

2.09K views| | Sharo K h | |, 07:17

BugBounty & Hacking Resources

https://slcyber.io/research-center/high-fidelity-detection-mechanism-for-rsc-next-js-rce-cve-2025-55182-cve-2025-66478/

Searchlight Cyber

High Fidelity Detection Mechanism for RSC/Next.js RCE (CVE-2025-55182 & CVE-2025-66478) › Searchlight Cyber

This morning, an advisory was released for Next.js about a vulnerability that leads to RCE in default configurations, with no prerequisites. The root cause of this issue lies in React Server Components, which Next.js utilizes. Over the last day, we have noticed…

❤3

604 viewsMeydi, 07:17

BugBounty & Hacking Resources

BugBounty & Hacking Resources

https://slcyber.io/research-center/high-fidelity-detection-mechanism-for-rsc-next-js-rce-cve-2025-55182-cve-2025-66478/

اگه توی سایتتون از react-based فریم ورک ها (RSC)استفاده میکنید
سریع برید اپدیت کنید

❤3

728 viewsMeydi, 07:39

BugBounty & Hacking Resources

BugBounty & Hacking Resources

https://slcyber.io/research-center/high-fidelity-detection-mechanism-for-rsc-next-js-rce-cve-2025-55182-cve-2025-66478/

اینو خود ریسرچرش گفته:

https://react2shell.com/

❤7🤣1

632 views| | Sharo K h | |, 08:20

BugBounty & Hacking Resources

BugBounty & Hacking Resources

https://slcyber.io/research-center/high-fidelity-detection-mechanism-for-rsc-next-js-rce-cve-2025-55182-cve-2025-66478/

https://github.com/assetnote/react2shell-scanner

GitHub - assetnote/react2shell-scanner: High Fidelity Detection Mechanism for RSC/Next.js RCE (CVE-2025-55182 & CVE-2025-66478)

High Fidelity Detection Mechanism for RSC/Next.js RCE (CVE-2025-55182 & CVE-2025-66478) - assetnote/react2shell-scanner

👍4❤3

1.04K views| | Sharo K h | |, 11:40

BugBounty & Hacking Resources

https://x.com/moeinerfanian/status/1996613520339693929

X (formerly Twitter)

MOEIN (@moeinerfanian) on X

For anyone doing recon with the Wayback Machine, sifting through CDX results can be tedious and noisy — tons of historical URLs, not all relevant. To make it easier, I created wayback-cdx-filter, a browser extension that lets you filter out unwanted domains…

❤9

900 viewsᴍͥᴏᴇͣɪͫɴ, 16:12

BugBounty & Hacking Resources

https://x.com/galnagli/status/1996675296959812065?s=20

X (formerly Twitter)

Nagli (@galnagli) on X

This is the most reliable public detection (at this time) to indicate whether a machine is actually exploitable to CVE-2025-55182 / React2Shell without invoking the RCE and limited FP's.

it triggers an internal error and validates the vulnerable version…

❤6

639 viewsSepehr, 20:18

BugBounty & Hacking Resources

https://gist.github.com/maple3142/48bc9393f45e068cf8c90ab865c0f5f3

guys exploit React RSC
اومد

خیلی از سایتا rce میخورن🤯

CVE-2025-55182 React Server Components RCE POC

CVE-2025-55182 React Server Components RCE POC. GitHub Gist: instantly share code, notes, and snippets.

❤2👍2

942 viewsMeydi, edited 22:26

BugBounty & Hacking Resources

https://x.com/nowaskyjr/status/1998085277638922477?s=20

X (formerly Twitter)

Nowasky (@nowaskyjr) on X

Anchor/area tags can leak page URLs (origin, path, query, post-click fragment) by using href="#" with the ping attribute pointing elsewhere.

Works in Chrome and Safari (Firefox disables ping by default).

https://t.co/SVt05u6Hxs

❤22👍1

694 viewsSepehr, 18:35

BugBounty & Hacking Resources

This media is not supported in your browser

VIEW IN TELEGRAM

حاجی عجب تولزی درست کرده دمش گرم

https://github.com/fcavallarin/wirebrowser

❤101

918 views| | Sharo K h | |, 20:48