How I got intrigued to hack Crypto Ground when I failed to enter into college competition
Date — 12/25/2018
Back story, a friend filled some random form for me, it was a college competition over cryptos. Okay no big deal, everybody loves cryptos, right?
It all started at night while I was watching Mr. Robot — Season 2 while a message arrived that I was added…
Patience is indeed* a virtue — bug bounty
I found a race condition flaw which caused browser to preserve the address bar and to load the content from the spoofed page. Address bar spoofing allows for attacks where a malicious page can spoof the identify of another site.
Summary
During my testing, it was observed that the browser allowed…
Hacking Medium #1: Exported Android Activity Fiasco
As we all know exposing activities can lead to various attack scenarios. If you don’t know what is an Android activity, listen to Google explaining it briefly —
“The Activity class is a crucial component of any Android app, and the way activities are launched and put together is a…
Catching a low-hanging juicy fruit through Options Bleed
Date reported — 02–07–2019
# Vulnerable Software — Apache
# CVE: CVE-2017–9798 / USN-3425–1 “OptionsBleed”
# Type — P1:Sensitive Data Exposure + P5:Fingerprinting/Banner Grabbing
# Domain Affected — *.unesco.org
# Tested — https://en.unesco.org (193.242.192.49)
Summary
Options Bleed is a use after free error in Apache HTTP that causes a corrupted Allow…
…and the idiocy that followed
Date reported — 2019–08–29
Summary
Firefox Lite 1.9.2 for Android and earlier suffer from exhaustive Address Bar Spoofing, allowing attackers to potentially trick a victim into visiting a malicious domain for legitimate domain name. Firefox Lite is almost installed on more than 10M devices.
Impact
URL Address Bar spoofing is the worst…
This attack can be used to detect if victim is using incognito mode in latest version of Chrome (77.0.3865.90) by the time of discovery by me exactly a year ago in Sept 2019 by abusing web_accessible_resources. The research can be find over 0x48piraj/PwnHouse.
Anatomy of res-block attack
Sometimes developers share package resources of their…
Another Classic From “Hacking Colleges For Fun” Series
Back Story
COVID-19. College closed. Everything Quarantined. How to take tests? Voila. Online. Okay, but how? Tadaa.
We were sent an email regarding a new platform which was indigenously built just for us, the students for carrying out the quizzes. Soon enough, I was bombarded to do something about that. I was…
Hacking user-base of 1,214,000+ including Sony, Dell, Cisco, DHL, Yale, University of Phoenix
Original timeline: August 2018 — September 2020
I remember last year (2018) getting all frustrated by those idiotic subjects which don’t made any sense to what I was interested in and thus, I loved making final year projects, completing company recruitment challenges and solving quizzes of seniors. If interested, you…
Write-up of all the TJCTF-2018 challenges
I deleted all my repositories on walk-through over CTF challenges and now am blogging them away.
TJCTF 2018
TJCTF is a Capture the Flag (CTF) competition hosted by TJHSST’s Computer Security Club. It is an online, jeopardy-style competition targeted at high schoolers interested in Computer Science and Cybersecurity.
Problem List
Table of Content
- Blank (5 points)
- Trippy…
Using Jiraffe security tool to find low-hanging fruits
Introduction
Months ago I discovered a flaw hackers can use to access Samsung’s and LG Electronics internal bug tracking and project management instances running on Jira. The flaw only takes a couple of commands to potentially access intranets, cause XSS and anything that SSRF can cause, including something such as,
https://public.example.com/proxy?url=admin-panel.example.com
Piyush Raj ~ Rex
Google Code-In C. Winner. GsOCer ‘19. Independent Security Researcher. Have hacked Medium, Mozilla, Opera & many more. Personal Website: https://0x48piraj.com
