all InfoSec news
Chaining Bugs to get my First Bug Bounty
Feb. 8, 2023, 6:02 a.m. | ag3n7
InfoSec Write-ups - Medium infosecwriteups.com
First Bug Bounty
Openredirection + clickjacking + csrf -> Account Takeover
BountyHola Hackers,
This writeup is about my first bug bounty in which the submission was duplicate, even though they rewarded me for chaining the bugs and reported it with an effective approach of a real-life attack scenario.
Let’s Start
First we will discuss about the bugs which I chained together.
Open RedirectionOpen redirection vulnerabilities arise when an application incorporates user-controllable data into the target of a redirection …
account takeover bounty bug bug bounty bug-chaining bugs csrf vulnerability
More from infosecwriteups.com / InfoSec Write-ups - Medium
Hack Stories: Hacking Hackers EP:3
1 day, 12 hours ago |
infosecwriteups.com
Mastering Shodan Search Engine
2 days, 13 hours ago |
infosecwriteups.com
Email Verification Bypass via Remember Me
2 days, 13 hours ago |
infosecwriteups.com
Typo Trouble: Exploring the Telegram Python RCE Vulnerability
2 days, 13 hours ago |
infosecwriteups.com
Active DNS Recon using AXIOM
2 days, 13 hours ago |
infosecwriteups.com
Jobs in InfoSec / Cybersecurity
SOC 2 Manager, Audit and Certification
@ Deloitte | US and CA Multiple Locations
Physical Security Operations Center - Supervisor
@ Equifax | USA-GA-Alpharetta-JVW3
Network Cybersecurity Engineer - Overland Park, KS Hybrid
@ Black & Veatch | Overland Park, KS, US
Cloud Security Engineer
@ Point72 | United States
Technical Program Manager, Security and Compliance, Cloud Compute
@ Google | New York City, USA; Kirkland, WA, USA
EWT Security | Vulnerability Management Analyst - AM
@ KPMG India | Gurgaon, Haryana, India