Pentester • Bug Hunter • Security Enthusiast Just another noob post.

From Unvalidated Redirect and Parameter Tampering to Account Takeover

In this simple write-up, I would like to tell how I found an Account Takeover vulnerability with a unique method. There's no special or unique bypass thing. Just try to find another exploitation way.

How I accidentally found Bug in Google Search Console

In this simple write-up, I would like to tell how I found an Access Control bug in the Google Search Console application, where I can get information related to the domain that I added to the application even though I did not successfully verify the domain.

XSS to Account Takeover - Bypassing CSRF Header Protection and HTTPOnly Cookie

When doing a Bug Hunting and finding a Stored XSS bug, usually the imagination will get a big enough bounty has been spinning around on the head. But sometimes the imagination fades when we try to insert document.cookie into the XSS payload, and what appears is..

Exploiting Cookie Based XSS by Finding RCE

While doing Bug Bounty Hunting, I found a Cookie Based XSS Vulnerability on a website. Cookie Based XSS basically is a Self XSS. It will be very unfortunate if the findings were reported and only got Very Low Severity, which for the severity, there was no Bounty or Points given.

AWS Metadata Disclosure via "Hardcoded Host" Download Function

Sometimes, when visiting a website, we find a link to download files from that site. The downloaded file can be a guide, tutorial, or another document.

Reflected XSS on Error Page

Sometimes to exploit an XSS (specifically Reflected XSS), we are focused on finding input pages such as Search Columns and etc. to find out is that form has an XSS vulnerability or not.

How I Found Multiple Vulnerabilities on AntiHack.Me is a Singaporean Bug Bounty Platform site. After seeing this platform well known, I decided to create an account there. After successfully creating an account, the user will be provided with information regarding the Bug Bounty Program found at AntiHack, and the AntiHack site itself is included in the program.