Video wird geladen...
Video konnte nicht geladen werden
How to manually check for CL.TE Request Smuggling Vulnerabilities: 1️⃣ See if a GET request accepts POST 2️⃣ See if it accepts HTTP/1 3️⃣ Disable "Update Content-Length" 4️⃣ Send with CL & TE headers: POST / HTTP/1.1 Host: Content-Length: 6 Transfer-Encoding: chunked 0 G 5️⃣ Send request twice. If... show more
27,902 Aufrufe • vor 11 Monaten •via X (Twitter)
0 Kommentare
Keine Kommentare verfügbar
Kommentare vom Original-Post werden hier angezeigt
Ähnliche Videos
10:08
Sensitive content
Models/Artists: EXCITING AND MAJOR NEW ANNOUNCEMENTS 1. You can now upload any zip or pdf file to sell in your store or include in a post, up to 2gig. 2. The Media Center now has a “Files” category where you can see the files you have uploaded, create a post or a store item. 3. There are new Art categories you can choose when posting a product for sale, and that users can use to search the store. These will evolve over time and we know they don’t cover every use case yet. 4. There is a new Artists page that lists the artists on the site. There aren’t many yet, but this will obviously grow a lot. 5. The verification process now has better instructions for artists vs. video creators. 6. When you sign up, you choose whether you are an artist or on-screen talent. If you already have your account and need to update this, reach out to customer service and they can do it for you. If your current artwork fits within our TOS, go ahead and start selling your works now on JFF. If you aren’t sure, we hope to have clarity around our TOS this week, so please be patient as we get that done. Folks, this is Phase I, and we’ve done this all since Friday to try to help the NSFW artists in our community. There will be more phases as we see what is needed. We are doing our best, so if something you want isn’t there yet, send a note to customer service and help us build this area out on the site over time. We hope Phase I meets a good percentage of your immediate needs to start earning money. But we also know that our site, like ALL adult sites, will have content restrictions that will exclude some of you. That’s not our choosing or our doing. But if we want to keep our credit card processors and not deplatform *everyone* (like other sites just did) then we need to play by their rules. That sucks and we are sorry about that. We use adult processors, so we have a lot fewer restrictions than the other sites that are deplatforming ALL NSFW content. For those of you new to the site, we have made a VIDEO TUTORIAL (thank you, Alice Skary) on how to upload files, post them for sale, set your store as the default view of your profile, etc. You can watch that here:
JustForFans
459,289 Aufrufe • vor 2 Jahren



![How to Find Path Delimiter Issues with Burp Suite Intruder Sometimes web servers treat special characters (like ; or ?) differently in URLs. This can lead to security issues like web cache deception or access control problems. Here's how you can test for path delimiter discrepancies: 1️⃣ Capture the Request Find a request you want to test GET /my-account HTTP/2 2️⃣ Right click the request and "Send to Intruder". In Intruder, highlight add a new position after /my-account followed by abc. It should look like this: GET /my-account§§abc HTTP/2 Attack Type = Sniper (only changing one spot). Payload: Paste a list of special characters, like this: ! # $ % & ' ( ) * + , - . / : ; = ? @ [ \ ] _ ~ ... A full list of delimiters can be found here: 3️⃣ Start the Attack Press Start Attack. Look at the Status, Length, and Response columns. Watch for differences (like bigger/smaller pages, changes to status code or different behavior) and if you notice something different then you've likely found a delimiter discrepancy! 🎉 Why is this important? When special characters confuse the server or cache, you might find: 🔸 Web cache deception: Caching personal pages by accident 🔸 Access bypass: Skipping security checks 🔸 Leaked info: Seeing data you shouldn't Try this lab for yourself and dive even deeper into how to exploit this when you find it: #BugBounty #WebSecurity #BurpSuite #EthicalHacking #Cybersecurity](https://image.24vids.com/tw-1919142786885943404/media/GqIqLRLXIAAdsLM.jpg)