Day 70 comes with HTTP Smuggling to Steal Access Token and SSRF on Vimeo.
HTTP Smuggling to Steal Access Token
SSRF on Vimeo
From Sam (CoffeeJunkie). Looking for some more content to consume and learn, I came across this write-up from Harsh Jaiswal, which talks about a great SSRF found on Vimeo. I was excited reading this write-up due to a couple of bugs that Harsh Jaiswal had to chain, such as path traversal and open redirect, and at the end obtaining a pretty cool SSRF. One of the greatest impacts of this SSRF was hitting the Google metadata API and using the token to add the attacker's SSH key to the instance. Full write-up here. Enjoy it!