Published in InfoSec Write-ups | RCE on a Laravel Private Program | The recent Laravel CVE enables remote attackers to exploit an RCE flaw in websites using Laravel. I’ve read the article about the… | Feb 20, 2021
Published in InfoSec Write-ups | Taking down the SSO, Account Takeover in 3 websites of Kolesa due to Insecure JSONP Call | Hello, this post is about how I could take over any account of Kolesa’s websites using Single Sign-On. There was an insecure JSONP call… | Sep 28, 2020
Published in InfoSec Write-ups | Story of a 2.5k Bounty — SSRF on Zimbra Led to Dump All Credentials in Clear Text | This post is about how I and my friend got roughly 2500$ from Cafebazaar bug bounty program. | Jul 2, 2020
Published in InfoSec Write-ups | Broken Authentication in Mobile Application | A few months ago I had a penetration test project of a mobile application. I found an interesting vulnerability which made me capable of… | Apr 16, 2020
Published in InfoSec Write-ups | ASIS CTF — ShareL Walkthrough | Hello, The reader of this walkthrough should know these topics: | Nov 18, 2019
Published in InfoSec Write-ups | ASIS CTF — Protected Area 1 & 2 Walkthrough | Hello, The reader of this walkthrough should know these topics: | Nov 17, 2019
Published in InfoSec Write-ups | 1-Click Account Takeover in Virgool.io — a Nice Case Study | Hello, Virgool is a light, Iranian version of medium.com, recently I found a 1-click account takeover vulnerability in their product. | Jun 27, 2019
Published in InfoSec Write-ups | Digging Android Applications — Part 1 — Drozer + Burp | Hello, in this post I’m going to solve the first section of Andrill: | Jun 7, 2019
Published in InfoSec Write-ups | Android Hook — ASIS CTF Final 2018 — Gunshops Question Walkthrough | The participants were given an APK named GunShop.apk. Opening the APK in Android showed a login page. We went on analyzing the application. | Nov 26, 2018
Published in InfoSec Write-ups | NodeJS SSRF by Design Flaw — ASIS Final 2018 — SSLVPN Challenge Walkthrough | The participants were given a URL, opening the URL led to a login page. The main idea of the challenge was exploiting an SSRF… | Nov 26, 2018
Published in InfoSec Write-ups | NodeJS SSRF by Response Splitting — ASIS CTF Finals 2018 — Proxy-Proxy Question Walkthrough | Hi everybody, this story is about the question named “Proxy-Proxy” given to participants in ASIS CTF Finals 2018. The question began with… | Nov 26, 2018
Published in InfoSec Write-ups | Adminer Script Results to Pwning Server?, Private Bug Bounty Program | If an adminer script is left in a server, most likely the server will be pwned soon. In this story, I want to introduce a technique in… | Aug 11, 2018
Published in InfoSec Write-ups | Latex to RCE, Private Bug Bounty Program | I had participated in a private bug bounty program about one year ago, I want to publish what I’ve learned from. The CMS was a journal site… | Jul 6, 2018
Published in InfoSec Write-ups | NodeJS Application Pentest Tips - Improper URI Handling in Express | Web application penetration test methodologies have many concepts/tests in common. However, each language and infrastructure has its own… | May 20, 2018
Published in InfoSec Write-ups | MongoDB Injection — ASISCTF 2018 Quals — Personal Website Write-Up (WEB Task) | The participants were given the following question. | Apr 30, 2018
Published in InfoSec Write-ups | WAF Evasion — Base64 Parameter — ASISCTF 2018 Quals — Good WAF Question Write-Up (Web Task) | The participants were given the following question. | Apr 30, 2018