Real world report PoCs
You can read these real-world RCE PoCs to better understand how the bug is exploited in real-world scenarios.
How we broke PHP, hacked Pornhub and earned $20,000 by Ruslan Habalov
Alert, God-like write-up, make sure you know what ROP is before clicking, which I don’t =(
RCE deal to tricky file upload by secgeek
WordPress SOME bug in plupload.flash.swf leading to RCE in Automattic by Cure53 (cure53)
Read-Only user can execute arbitrary shell commands on AirOS by 93c08539 (93c08539)
Remote Code Execution by image upload! by Raz0r (ru_raz0r)
Popping a shell on the Oculus developer portal by Bitquark
PayPal Node.js code injection (RCE) by Michael Stepankin
Command Injection Vulnerability in Hostinger by @alberto__segura
RCE in Airbnb by Ruby Injection by buerRCE
RCE in git.imgur.com by abusing outdated software by Orange Tsai
$20k RCE in Jenkins Instance by @nahamsec
JDWP Remote Code Execution in PayPal by Milan A Solanki
How I Hacked Facebook, and Found Someone’s Backdoor Script by Orange Tsai
uber.com may RCE by Flask Jinja2 Template Injection by Orange Tsai
Yahoo Bug Bounty – *.login.yahoo.com Remote Code Execution by Orange Tsai (in Chinese)
Google App Engine RCE by Ezequiel Pereira
Exploiting ImageMagick to get RCE on HackerOne by c666a323be94d57
Trello bug bounty: Access server’s files using ImageTragick by Florian Courtial
Microsoft Apache Solr RCE Velocity Template by Muhammad Khizer Javed
Reference: https://whoami.securitybreached.org/2019/06/03/guide-getting-started-in-bug-bounty-hunting/