Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- http://blog.jr0ch17.com/2018/No-RCE-then-SSH-to-the-box/
- http://hassankhanyusufzai.com/RFI_LFI_writeup/
- http://karmainsecurity.com/hacking-magento-ecommerce-for-fun-and-17000-usd
- https://bitquark.co.uk/blog/2013/12/30/google_sites_a_tale_of_five_vulnerabilities
- https://blog.scrt.ch/2018/08/24/remote-code-execution-on-a-facebook-server/
- https://blog.scrt.ch/2019/01/24/magento-rce-local-file-read-with-low-privilege-admin-rights/
- https://blog.shashank.co/2013/10/lfi-in-nokia-maps.html
- https://buer.haus/2017/06/29/escalating-xss-in-phantomjs-image-rendering-to-ssrflocal-file-read/
- https://cyberzombie.in/my-first-lfi/
- https://josipfranjkovic.blogspot.com/2014/12/reading-local-files-from-facebooks.html
- https://medium.com/@NathOnSecurity/hacking-the-nhs-for-fun-and-no-profit-90931029dcb4
- https://medium.com/@_bl4de/most-common-security-vulnerabilities-in-npm-static-server-modules-ef593c59d0ba
- https://medium.com/@armaanpathan/chain-the-bugs-to-pwn-an-organisation-lfi-unrestricted-file-upload-remote-code-execution-93dfa78ecce
- https://medium.com/@jonathanbouman/local-file-inclusion-at-ikea-com-e695ed64d82f
- https://medium.com/@logicbomb_1/chain-of-hacks-leading-to-database-compromise-b2bc2b883915
- https://medium.com/@logicbomb_1/the-journey-of-web-cache-firewall-bypass-to-ssrf-to-aws-credentials-compromise-b250fb40af82
- https://medium.com/@mantissts/arbitrary-file-read-in-one-of-the-largest-crms-658caa2f05d2
- https://medium.com/@mastomi/antihack-me-multiple-vulnerabilities-215ec0d6f064
- https://medium.com/@maxon3/lfi-to-command-execution-deutche-telekom-bug-bounty-6fe0de7df7a6
- https://medium.com/@tungpun/client-not-client-aa448cfdedd2
- https://medium.com/@vulnerabilitylabs/bug-bounty-lfi-at-google-com-3c2e17d8c912
- https://medium.com/@zain.sabahat/exploiting-ssrf-like-a-boss-c090dc63d326
- https://medium.com/bugbountywriteup/bugbounty-journey-from-lfi-to-rce-how-a69afe5a0899
- https://medium.com/bugbountywriteup/how-we-got-lfi-in-apache-drill-recon-like-a-boss-6f739a79d87d
- https://nirmaldahal.com.np/lfi-to-10-server-pwn/?__cf_chl_jschl_tk__=931a2e1f5b600f3b2d253c98f350a7578662d3fa-1589695854-0-AetiVyjDTCFyyA1EZmRutYfU6kTO7JkS_6z2_PLwHzSDSCum0cquduC3n9hR8LMikISZrR9SlyqkY4k1aBpD8B3ywr20QVhkQ7lJrW97hTipRmEr5iilgRow5zoutUoJcII7UR0DafE69tXIXkfVETaT_BtbnoaovIATbV1r0p-iNjBbnOd1N2XidSzi2S-sEWLiHqcNUw6q7etR9aNqe1A26wVIj5Cm431IkrBdxSVNvORilqml3BT5506nhcTyNNgp5xn_XDiRm7dGWf_Bp4kqJ_WbV-ArkBwr85nomfU7
- https://offensi.com/2019/01/31/lfi-in-apigee-portals/
- https://omespino.com/write-up-google-bug-bounty-lfi-on-production-servers-in-redacted-google-com-13337-usd/
- https://paper.seebug.org/737/
- https://spenkk.github.io/bugbounty/Local-File-Inclusion/
- https://wehitharder.com/writes/how-i-found-and-reporting-vulnerabilities-to-antihack-me-by-tomi/
- https://www.noob.ninja/2017/11/local-file-read-via-xss-in-dynamically.html
- https://www.rcesecurity.com/2014/04/magix-bug-bounty-magix-com-rce-sqli-and-xara-com-lfi-xss/
- https://www.rcesecurity.com/2017/08/from-lfi-to-rce-via-php-sessions/
- https://www.updatelap.com/2019/05/local-file-inclusion-in-peeringgooglecom.html
- https://www.vesiluoma.com/abusing-mysql-clients/
Add Comment
Please, Sign In to add comment