Hey Guys, So This blog is a short blog about a P1 issue i found in a site it was a really simple and maybe a common issue, So I got invited to a site and the first thing i mostly do is to check github.com for issues related to that site & also…
Privilege Escalation like a Boss
Hello guys, This is Jay Jani and after a long time, I am back with one of my finding. This one is simple Privilege Escalation on a private program of HackerOne. PS : This post is for Noobs like me so Leets please ignore the post :/ So I was invited to participate…
Subdomain Takeover via Unsecured S3 Bucket Connected to the Website
Hey Guys, So This Blog is Basically About an issue i found in a web where a missing file and an Unsecured S3 Bucket connected to that website gave me a way to takeover that subdomain without a Subdomain Takeover Vulnerability, So Let’s begin So I was testing a private program when i…
IDOR User Account Takeover By Connecting My Facebook Account with victims Account
Hey Guys Its Me Khizer again So This Blog is about an IDOR issue i found in a Web where changing the User ID in Facebook auth callback linking request actually connects my Facebook Account to the Victims Site Account so By this i could get complete access to User Account. So Let’s start what…
Authentication Bypass Using SQL Injection AutoTrader Webmail – Bug Bounty POC
Hey guys Me again with a Short POC about Login Bypass Using SQL Injection to get Access to AutoTraders Webmail so lets begain the POC will be short. What happened was i was working on AutoTraders Bug Bounty Program and had reported a couple of issues but all were Duplicate so i was checking subdomains…
ZOL Zimbabwe Authentication Bypass to XSS & SQLi Vulnerability – Bug Bounty POC
Hey Guys! Me Back with a New Post This One is about an Authentication Bypass Vulnerability in one of the subdomains of https://zol.co.zw/ ZOL Zimbabwe and Then got an XSS following with an SQLi in that Control Panel. So The Main Focus of this Blog Post will be on How i got access to the…
SQL Injection Vulnerability bootcamp.nutanix.com | Bug Bounty POC
Hey Guys, So Another Concise Report about an SQLi I recently Found One day i was just going through some Twitter posts and saw one of my friend replied to a tweet about a Swag pack As Some of you guys already know How Attractive such Tweets are so i decided to Test…
RCE Unsecure Jenkins Instance | Bug Bounty POC
Hi Guys, Honestly i was just getting bored and the blog wasn’t updated ina while so i decided to write this (Will share some more recent issues in a few days 🙂 ) So i want this Write Up to be concise.. to Let’s Just say I was checking subdomains of a site and …
Edmodo official number for custom text messages to any number around the world!
Hello 1337s, I hope you all are doing good and hunting websites. Today I’m going to tell you about a very interesting finding which was very simple and I never expected that it could really exist there. I was hunting Edmodo nine months back and after various tests and techniques, I was unable to find…
IOS 11.4 Siri Auth Bypass | CVE-2018-4238
So this year in March i was just testing different settings of my iPhone that was running the latest IOS that time it was IOS 11.2.6 and i came across a setting under Settings > Siri > WhatsApp>”Use With Siri” I turned it on and locked my iPhone just to see if i can use…