Posts

Weaponizing XSS Attacking Internal System

Courtesy of BruteLogic ❤

A few weeks ago I was talking to a friend of mine when he gave me a subdomain that had an admin panel and asked me whether I could find a way to get inside. Why not give it a try? So I started my recon by doing directory scanning, checking for SQL injection, checking if there were some vulnerable libraries, and finally... Shit. But I was curious to know more about it, so I went to Google and searched for the company and gathered more info about the company; I even sent a connection request to the CTO via LinkedIn (we will get to the CTO in a minute). While looking at the company website I saw a support panel where I could submit tickets. Somewhere in my head I was having a voice saying it's vulnerable and I should test it. Hmm, maybe a Blind XSS, so I went to my XS...

How I Got $4000 From Visma For RCE

Writeup by Ratnadip Gajbhiye. I'm not telling any story about my life, and I also know you aren't interested in listening to who I am..😋 I always believed that sharing is caring, so I decided to share my findings with you as it might help others who started in the Bug Bounty journey. As you already know, we are seeing a lot of noise again regarding the Uploadify script vulnerabilities affecting some WordPress themes/plugins. What is Uploadify: Uploadify allows anyone to upload anything they want to your site without any authentication. First of all, I want to tell you that ... before entering the bug bounty field, I was a black hat hacker and I hacked and defaced many websites ... so I have information about how to upload a shell on a website... I always use black hat techniques for hunting bugs, like admin panel bypass etc... :V I never target a main domain, I always target subdomains..😅 So one of my friends Ma*** gave me this site for securi...

How I Takeover Microsoft Store

Hi guys, today I will proudly share with you how I successfully took over a Microsoft Store page. I have been learning from different security researchers' write-ups in the bug bounty field, so I decided to share my few findings with you, as it might help others who started in the Bug Bounty journey. The bug I want to share with you was new to me, since I never came across any bug like this throughout my reading of other researchers' write-ups. From low impact to store takeover, "this is how I may call it". The first tool I used to identify the vulnerability of a domain was https://github.com/aboul3la/Sublist3r, running on my Android through Termux. I recommend you have it on your smartphone; you can download it here: https://play.google.com/store/apps/details?id=com.termux Let's get the game started: I was not a full-time bug hunter, so I usually start looking for bugs when I have time. So this time, I started my recon on flipgrid.com. What is flipgrid? Flipgr...

Object name Exposure — ING Bank Responsible Disclosure Program

Heading: Object Name or Internal Architecture Getting Exposed Because of Deserialisation Error

NOTE: Usually I only copy/paste my conversation into Medium; I am not having enough time to write these blog posts properly. I am sharing this only for learning purposes, not for earning followers. 😐 👊

Hi, I am Rohit Kumar, a Security Researcher and Bug Hunter from India.

Vulnerability: Information Disclosure & Internal Architecture Disclosure

Reproduction Steps

1. Log in to => https://developer.ing.com
2. Now go to your Profile to update it
3. Edit your name and save it (at this step, intercept your request using Burp Suite)
4. Now, at this endpoint:
PATCH /individuals/791345bc-9444-4edc-9955-1b78e86fddfd/individualNames/EifQPFiEYfMiU- 3FODj3sT736QkPuGe4nigpckH2fEqkaitoTfuLjGG3Lu9UDN84DDCkrGf0y8Lx89HLHcUrFfcb HTTP/1.1
Host: api.developer.ing.com
You will notice a js...

Security Bugs in Practice: SSRF via Request Splitting

One of the most interesting (and sometimes scary!) parts of my job at Mozilla is dealing with security bugs. We don't always ship perfect code – nobody does – but I'm privileged to work with a great team of engineers and security folks who know how to deal effectively with security issues when they arise. I'm also privileged to be able to work in the open, and I want to start taking more advantage of that to share some of my experiences. One of the best ways to learn how to write more secure code is to get experience watching code fail in practice. With that in mind, I'm planning to write about some of the security-bug stories that I've been involved in during my time at Mozilla. Let's start with a recent one: Bug 1447452, in which some mishandling of Unicode characters by the Firefox Accounts API server could have allowed an attacker to make arbitrary requests to its backend data store.

The bug: corruption of Unicode characters in HTTP request path

It...