$6,5k + $5k HTTP Request Smuggling mass account takeover - Slack + Zomato
📧 Subscribe to BBRE Premium:
✉️ Sign up for the mailing list:
📣 Follow me on Twitter:
HTTP request smuggling is a technique used to find vulnerabilities in bug bounty programs and penetration tests, rediscovered by portswigger in 2019. In the video I present and explain two reports from Hackerone that show how a bug hunter hacked Slack and Zomato, earning $6,500 and $5,000 respectively.
Follow me on twitter:
Original reports:
Reporter:
Smuggler tool:
RFC:
#section-4.4
Timestamps:
00:00 Intro
00:26 HTTP Request Smuggling
03:25 Slack’s report
06:30 Zomato’s report
1 month ago 00:00:00 1
1 month ago 00:08:34 1
1 month ago 00:23:18 1
1 month ago 00:00:00 1
![RESIDENT EVIL 2 1998 [6] (СТРИМ НА ЗАКАЗ)](https://sun9-41.userapi.com/XlKnbEbGkiEoixfzAZ-v7cxUIn4oINTBYFz8NA/mXPvhuMaL80.jpg)
1 month ago 00:03:16 3
1 month ago 00:13:12 1
1 month ago 00:03:03 1
![CAMO - K-PACK [Official Music Video]](https://sun9-59.userapi.com/Bvv-_VO2F8YMeNwdHKR_R3nXyUSM14Czqd4B1Q/FQct90pgWCA.jpg)
1 month ago 00:40:50 1
1 month ago 00:00:00 2
1 month ago 00:11:57 1
1 month ago 00:02:53 1
1 month ago 01:38:01 1
1 month ago 00:00:00 1
1 month ago 00:00:46 2
1 month ago 00:22:42 55
1 month ago 00:13:58 1
1 month ago 00:31:02 1
1 month ago 02:59:54 1
1 month ago 01:20:23 1
1 month ago 00:00:00 1
1 month ago 02:19:24 1
1 month ago 00:21:07 1
2 months ago 00:14:23 1
2 months ago 00:46:30 1
