Product Affected: https://cse.google.com. Vulnerability: XSS (Stored with user interaction). Every bug ever reported has some realized or unrealized inspiration. It can be a person, a bounty, a write-up or anything. In my case the inspiration was the Google Vulnerability Research Grant that was awarded to me prior to BountyCon 2019. I started looking for subdomains and landed... Continue Reading →
Journey through Google referer leakage bugs.
Hi there, this write-up is a walk-through of the misconfiguration which leaks sensitive URLs through the Referer header. This affected various Google products and has been fixed now. Generally, Google has a feature to share documents through "shareable links", which means you can generate a unique link for your project or document and share it. The person... Continue Reading →
Red Team Village CTF - Defcon dc0471x002 (write-up)
We had a great day at the Defcon Trivandrum (dc0471x002) event. This write-up is about the awesome CTF conducted by Red Team Village. You can visit them here: https://www.redteamvillage.org. The event started by 11 am (if I am not wrong) and was set to complete by 4 PM. We made a team together and joined the event.... Continue Reading →
Facebook’s New Feature To Create Fake Account.
Hello hardcore infosec blog readers, I am here with yet another failed bug report to Facebook. So what about it? This bug allows hackers/spammers to create fake accounts officially through Facebook. We can do this using Facebook's feature for bug hunters called test account. Wait, I can hear you thinking "it can't communicate with real... Continue Reading →
Account takeover bug in one of eBay's acquisitions (StubHub)
It all started when I thought of checking eBay acquisitions for any security issues. I came to know that StubHub was one of eBay's acquisitions. I checked whether it is known to have any issues in its login form. So I fired up my Fiddler web debugger and tried to intercept the request. But all of a sudden one... Continue Reading →
Exploiting CORS misconfiguration and stealing auth token in Career.microsoft.com
Hello folks, I was doing recon on one of Microsoft's subdomains (career.microsoft.com) a few months back for any security issues. I noticed they have a social login plugin for signing in. I found that there was a misconfiguration in the CORS header which can be exploited to harvest sensitive information including the logged-in user's username, email id, and authentication... Continue Reading →
DOM XSS in Facebook Mobile Site (app-login)
I was recently targeting the Adobe website for any vulnerabilities. I came to know that they were using (Facebook/Gmail) login to sign in instantly. When I clicked ‘signin with facebook’, the Facebook app login page was loaded. I just checked the URL and saw there was a ‘cancel_url’ parameter, which holds the URL to which it redirects if the user chooses... Continue Reading →
WordPress Bookdice Plugin Vulnerable To Persistent XSS
Yes, you're hearing right. This is a CodeCanyon script and it is vulnerable to Persistent XSS. Vulnerable Plugin Link: https://codecanyon.net/item/appointment-booking-and-scheduling-for-wordpress-bookdice/20682459 What is the risk of Persistent XSS: The damage that Persistent XSS can do is more devastating than the damage done by Non-Persistent XSS – because once the payload is stored, it... Continue Reading →
Warning: Dumb Bugs here!!! When you see this title you may think “Sreeram is a LEET hacker and the bug must be something serious”. Obviously you’re wrong: neither am I leet nor is it a tough finding. If you’re expecting some awesome findings here or looking to learn something new from this page, you can... Continue Reading →
What the hell this blog is about???
Cyber attacks have become the major threat to the world. As per the recent survey, each day about one million cyber attacks take place and corporates are paying billions of dollars to protect their data. White hat hackers/bug hunters are the cyber security experts or simply superheroes who strive hard to protect the world... Continue Reading →