
Topic: Bug Bounty for my Home Server. Can only Pay in iota..$25 us (Read 214 times)

member
Activity: 99
Merit: 11

Sorry for late reply (due to work)

I got in contact with the distributors of the search and told them about the bug.

They made some changes. So hopefully it's all fixed.



newbie
Activity: 6
Merit: 0
Could you reproduce the bug?
newbie
Activity: 6
Merit: 0
Thank you very much!

URL: http://udopage.com/ssep/index.php

Method="POST"

data="isajax=1&sugest=xxx"

Parameter BUG: sugest

Payload(Bitcointalk does not allow me to place the payload): https://i.ibb.co/hcS58QN/p-iota.png

Type Vulnerability: SQL Injection Boolean



The problem is that it is not filtered correctly in some parameters, and with a type of vulnerability like this, you can extract data from the server databases.
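
The boolean behaviour reported for the `sugest` parameter in the post above, and the parameterized form that removes it, as an added example that is not part of the original thread or the site's own code. It assumes the suggestion lookup is a `LIKE` prefix query; the SQLite table, the function names and the two probe strings are constructed for illustration.

```python
import sqlite3

# Constructed probe pair: same prefix, one true and one false condition.
TRUE_PROBE = "io%' AND 1=1 AND word LIKE '"
FALSE_PROBE = "io%' AND 1=2 AND word LIKE '"

def make_db():
    # Constructed stand-in for the search index; the real schema is not on the page.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE keywords (word TEXT)")
    db.executemany("INSERT INTO keywords VALUES (?)",
                   [("iota",), ("iotaledger",), ("raspberry",)])
    return db

def suggest_vulnerable(db, sugest):
    # Input is pasted into the SQL text, so a quote ends the string literal
    # and the remainder of the input is parsed as part of the WHERE clause.
    sql = "SELECT word FROM keywords WHERE word LIKE '" + sugest + "%' ORDER BY word"
    return [row[0] for row in db.execute(sql)]

def suggest_safe(db, sugest):
    # Input travels as a bound value and never reaches the SQL parser.
    # LIKE wildcards are escaped so % and _ in the input match literally.
    esc = sugest.replace("\\", "\\\\").replace("%", "\\%").replace("_", "\\_")
    sql = "SELECT word FROM keywords WHERE word LIKE ? ESCAPE '\\' ORDER BY word"
    return [row[0] for row in db.execute(sql, (esc + "%",))]

def leaks_boolean(handler, db):
    # Regression check: a handler is injectable if the response differs
    # between the true and the false probe.
    return handler(db, TRUE_PROBE) != handler(db, FALSE_PROBE)

if __name__ == "__main__":
    db = make_db()
    print("vulnerable, true probe :", suggest_vulnerable(db, TRUE_PROBE))
    print("vulnerable, false probe:", suggest_vulnerable(db, FALSE_PROBE))
    print("vulnerable leaks:", leaks_boolean(suggest_vulnerable, db))
    print("safe leaks      :", leaks_boolean(suggest_safe, db))
    print("safe, normal use:", suggest_safe(db, "io"))
```

The `leaks_boolean` check can be kept as a regression test against the handler after a fix is deployed.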
newbie
Activity: 6
Merit: 0
IOTA: FUIVHP9YPIQEFJWDISSJGYRORVLBYLZRCROHIDVPJJNSJHFCKVMPJJLASGV9VXRULJIVATQHJUI9JXO SCDURNSYBZC

Remove the space between "FUIVHP9YPIQEFJWDISSJGYRORVLBYLZRCROHIDVPJJNSJHFCKVMPJJLASGV9VXRULJIVATQHJUI9JXO" and "SCDURNSYBZC"
member
Activity: 99
Merit: 11
That's not a valid iota address. It's 91 characters long. Iota is 90.

I do appreciate your help.

I've taken my site down and would appreciate knowing what you did.

It's up to you but I want to share with many people how wonderful these coins are

and would like our interaction to be here.

I appreciate your need for privacy of tools and techniques.

Please try with another address. It's got to be an iota address.

Thank You..
newbie
Activity: 6
Merit: 0
Thank you very much! I wish we could have contact by some other means (discord, email, etc.) to give you detailed information about this.

Wallet IOTA: GRELNOAVDELGRVFFPXLGWWYWIGARGYZDHYKYUMNDDHWFZAVEBCOH9MQXBCEWEARCVEXVCSNQZNZVDHP CXJUYHOFROW
member
Activity: 99
Merit: 11
Wow.. Cool


Thank you so much. If it's OK, post your iota receive address here. Or PM it to me.

I'm ready to send you $25  American..

I don't do discord..

newbie
Activity: 6
Merit: 0
Hi, good day. I can help you with that. For better dialogue contact me through discord.
member
Activity: 99
Merit: 11
Hi

I have my own home server running from a Raspberry Pi.

I want to pay someone to find any exploits on my site that give them the ability to edit my site. I will pay $25 in iota only.

Joining the forums and making an edit is not an exploit. The same goes for the feedback page.

You must tell me how you did it.

This is a one off payment to the first person who edits my site and posts proof in this thread so I can correctly determine who is first.


Sorry Guys, I will try to pay more in future. I'm just testing the water.

Have fun. My site is....

http://udopage.com/





