
Stealthy
@stealthybugs
Bug bounty hunter.
ID: 1176895361425690625
https://hackerone.com/stealthy/ 25-09-2019 16:24:59
119 Tweet
6,6K Followers
85 Following

Thought I'd share this remote code execution on one of the main sites for a large H1 target from a year ago. I found this one by being persistent and using Param Miner by James Kettle . After Param Miner discovered the header it was all manual testing to detect the template engine













