Tuesday, 22 March 2016
Wednesday, 2 March 2016
Hacking Facebook Polls - Poll Access Control Vulnerability: Dead Pool Version
Its been very long time that i am not in bug bounty things due to some reasons.Today we will see how i was able to do Hacking Facebook Polls.While surfing facebook groups, There is an module called "Polls" who got my attention. Using this module "Polls" admin/group members can create polls to get group members re-actions.
Basically the vulnerability is about "Access Control" in facebook polls, There are two controls which facebook offers and one of them is "Allow anyone to add options". If poll creator has disabled this option then users cant add more options to the poll, Even admin cant & if it is not disabled then any group member can add more options to the poll.
Pentesting Node.js Application : Nodejs Application Security Hello folks, Today we will see how we can do Pentesting Of NodeJS Appli...
Web2py Vulnerabilities This post is about Web2py Vulnerabilities which we have found, POC`s are created under Mac OS X EI Capitan, But ...
JSON Hijacking Today we will see that, How we can find the JSON Hijacking vulnerability. As we know that this works on older browsers...
Hello all, Its quite long time i have dosn`t updated my blog. So here we go. Today we will see how we can pentest JSON Web Applicat...
Referrer CSRF Bypass ( Not Effective But Alternative ) ============================================= Hello all friends ...
Slack Rate Limit Bypass First of all, Thanks to all readers for the appreciation got in my inbox. Today we will see, How i was a...