Titicacameer, Peru

3 years ago

Het Titicacameer ligt op zo'n 3800 meter boven de zeespiegel in de Andes op de grens van Bolivia en Peru. Het is het grootste meer van Zuid Amerika en het hoogst gelegen commercieel bevaarbare meer ter wereld. In het meer liggen meer dan 40 kleine eilanden, waaronder Isla del Sol, Amantaní en Taquile. Het Titicacameer is ook de thuishaven van de Uros-Indianen die hier op rieteilanden leven en veelvuldig worden bezocht door toeristen. Ik ben zelf een aantal dagen in het Boliviaanse gedeelte op Isla del Sol geweest, maar deze foto heb ik gemaakt in Puno, Peru. Lago Titicaca, een heel mooi plekje op deze aardbol!

Peru

- Yoors Security - Disclaimer: This post is intended for security researchers & testersScopeEligible domainsyoo.rsVulnerabilities that we accept:✅ Stored or reflected Cross-Site Scripting✅ CSRF/XSRF✅ SQL injection✅ S3 bucket uploads✅ Remote Code Execution✅ Authentication Bypass✅ Unauthorized data access✅ User enumerationVulnerabilities that we don't accept:❌ "Self" Cross-Site Scripting❌ Missing best practices in DNS configuration (DKIM/DMARC/SPF/TXT)❌ Denial of Service (DOS) attacks❌ Vulnerabilities in third party applications that integrate with Yoors❌ Rate limiting❌ Non-security-impacting UX issues❌ Social Engineering attacks❌ Insecure cookies❌ Only affecting outdated browsers/platforms/frameworks❌ Considered by the Yoors staff to be of low severityRulesTake responsibility and act with extreme care and caution. When investigating the matter, only use methods or techniques that are necessary in order to find or demonstrate the weaknesses.You must be the first one that reported the vulnerability Do not use weaknesses you discover for purposes other than your own investigation Do not use social engineering to gain access to a system or a Yoors account Do not install any backdoors – not even to demonstrate the vulnerability of a system Do not alter or delete any information in the system. If you need to copy information for your investigation, never copy more than you need. If one record is sufficient, do not go any further Do not alter the system in any way If you do manage to infiltrate a system, do not share access with others Do not use brute force techniques to gain access to systemsHow to reportProvide your IP address in the report. This will be kept private for tracking your testing activities and to review the logs from our sideYou can report weaknesses to us by email: security@yoo.rsDescribe the found weakness as explicit and detailed as possible and provide any evidence you might have, so that we can reproduce itWe will not accept only automated scanners output as evidenceParticularly include the following in your e-mail:Which vulnerabilityThe steps you undertookThe entire URLObjects/files that were involvedVideos and/or screenshots of an attack are highly appreciated