Category

Bugbounty

Bug Chain Tales: P5+P5=P3

By BugbountyNo Comments

I have started the hunt few months back but after lots of hard luck. I got into one public program. I started hunting, after hunting some bugs. I got around some P5 bugs which was of no use to get reported. In this blog i will get you the idea how i turned no paying bugs to high paying.

Read More

SSTI

Fuzzing {{7*7}} Till {{P1}}

By Bugbounty28 Comments

Hello Guys, here is my first blog. This blog will be a part of series where if any interesting vulnerabilities have been found, will be added to this list. In this blog poat I have shared my views on one of my recent findings – Server Side Template Injection. This was something different than other blog posts on the internet. In this methodology I’ve specified a way to exploit SSTI where traditional methods of exploitation failed. Please make sure you read till the end to understand the working of this methodology and make sure to subscribe to my blog.

Read More