We are building EduLadder(ELADR) - Protocol

The Eladr Protocol is a decentralized, security and efficiency enhanced Web3 noSQL database powered by IPFS as the data storage layer https://ipfs.io/, and the Cardano block chain as the rewards token platform, https://cardano.org/. It provides a JSON based, IPFS layer 2 solution for data indexing and retrieval in an 'append only' file system built with open source Node.js API libraries.

Eladr tokens are designed to incentifised community members as a proof of contribution. Using that they can access diffrent infrastructure built on top of eladr


Using this You can,Buy courses,Reward others and exchange for real money.


WHITE PAPER Buy Now

Real Problems! Real Experts!

Join Our Telegram Channel !


The Eduladder is a community of students, teachers, and programmers. We help you to solve your academic and programming questions fast.
In eduladder you can Ask,Answer,Listen,Earn and Download Questions and Question papers.
Watch related videos of your favorite subject.
Connect with students from different parts of the world.
Apply or Post Jobs, Courses ,Internships and Volunteering opportunity. For FREE
See Our team
Wondering how we keep quality?
Got unsolved questions? Ask Questions
ELADR beta version launched

We launched Anonymous immutable internet on eladr protocol

For any question or query please joinOur Telegram Channel !


Try BETA
Youtube Videohttps://www.youtube.com/watch?v=ySLPZu3Jxro

Our Github Repo
FrontEnd BackEnd

We are looking for some great and cool people to work with us. Please sent your resume to admin@eduladder.com

Bug-bounty-program-->View question

Can I escalate a main domain SSTI/RCE to all the subdomains belonging to that domain? BUG BOUNTY QUESTION

Can I escalate a main domain SSTI/RCE to all the subdomains belonging to that domain? 


Asked On2022-02-28 15:51:57 by:Sheethal-

Taged users:


Likes:
Be first to like this question

Dislikes:
Be first to dislike this question
Talk about this  Like  Dislike
View all questions
Answers

As you should know, "subdomains" means that the IP addresses assigned to these subdomains may be different (although it's not mandatory). Imagine an fictional "mastercard.com" website that has the subdomain "us.mastercard.com" for US, "ru.mastercard.com" for Russia, "ae.mastercard.com" for UAE and so on. Each and every of these subdomains might be having a different IP address, different infrastructure (OS / web server), and even different technological stack (one domain might have content which is dynamically generated by PHP, and another may have static HTML content). This is actually quite a common case, especially for huge international corporations or franchise businesses, when different countries / business branches are acting independently on their own behalf.

On the other side, subdomain can be hosted on the same web server, maintained by the same team, and developed using the same code base as the top-level domain. This is also something that is quite widespread.

Of course, it is absolutely clear that in the first case you will not be able to reproduce your exploit on the subdomain, while in the second one you might stand a big chance doing so.

Unfortunately, your question lacks important details to address your situation in particular. So, I suggest you start from determining whether your subdomains are actually hosted on the same infrastructure, and using the same technological stack (if you're lucky, some fingerprinting techniques will help you here). If all looks different - your chances are really slim. If everything is the same - then you should try to exploit again and again and again, researching and adapting your attempts, as in any pentest. And if you discover that all the subdomains point towards the same server and same port as the main website - then most probably they are served by one server, and executing command on it (which you can do already) might be accepted as finding (just prove that you can view / modify the information related to the subdomains in scope). There are some legal risks here, probably, that require attention - but if the company is running bug bounty program, I would expect they have at least some common sense.


Answerd on:2022-03-07 Answerd By:Raj-Gupta

Likes:
Be first to like this answer

Dislikes:
Be first to dislike this answer
Talk about this  Like  Dislike

You might like this video:Watch more here

Watch more videos from this user Here

Learn how to upload a video over here



Lets together make the web is a better place

We made eduladder by keeping the ideology of building a supermarket of all the educational material available under one roof. We are doing it with the help of individual contributors like you, interns and employees. So the resources you are looking for can be easily available and accessible also with the freedom of remix reuse and reshare our content under the terms of creative commons license with attribution required close.

You can also contribute to our vision of "Helping student to pass any exams" with these.
Answer a question: You can answer the questions not yet answered in eduladder.How to answer a question
Career: Work or do your internship with us.Work with us
Create a video: You can teach anything and everything each video should be less than five minutes should cover the idea less than five min.How to upload a video on eduladder