Where are all the RCEs? RCE case study

📚 Full case study: http://members.bugbountyexplained.com...
📧 Subscribe to BBRE Premium: https://bbre.dev/premium
✉️ Sign up for the mailing list: https://bbre.dev/nl
📣 Follow me on Twitter: https://bbre.dev/tw

This video is a part of an RCE case study where I studied 126 disclosed RCE bug bounty reports to learn how are people actually making money with RCEs. In this video, I go through different functionalities in which RCEs were common.

Videos:
   • $50,000 0-day RCE on Apple bug bounty...  
   • $25,000 GitHub pages RCE via YAML fil...  
   • $20,000 RCE in GitLab via 0day in exi...  
   • How to turn SQL injection into an RCE...  
   • What functionalities are vulnerable t...  
   • $130,000+ Learn New Hacking Technique...  

🖥 Get $100 in credits for Digital Ocean: https://bbre.dev/do

Timestamps:

00:00 Intro
00:27 Imports/Sharing
2:36 Other
3:50 File uploads
6:56 Authentication
8:59 High-privilege funcionality
10:43 Cloud
11:35 Templates
12:41 SQL query
13:17 Installing packages
15:44 0day
16:38 Image processing
18:14 Executing commands/code
20:25 SMTP/DB configuration
21:29 Making requests
23:14 Headless browser