Before you start reading this article, please keep in mind that this is a very basic reverse shell, and still needs a lot of work to get the most out of it. A few of the limitations are: Errors could occur if more the payload is active on multiple pages…

In this post, I will explain how I found an authentication bypass, and further explored the functionality of the website, to increase the impact of the submission. The target had a wide scope and the main domain did not have that much functionality, so after a quick look around, I…

Table of contents Introduction Explaining the code Initial ideas and method of solving The solution Introduction As always, I started with reading the rules. The goal is to alert() the following flag: {THIS_IS_THE_FLAG}. Hmm.. this is new! With the previous challenges I’ve solved the goal was to execute document.domain. …

Why does my title say “Hacking” when it’s just an XSS challenge? Because I didn’t solve the challenge, I hacked the game. When you open the challenge page, the first thing you see is this: This is a game called “18 Game” and its goal is to have three cards…

While I was reading some of Inti De Ceukelaire’s old writeups, I came across “How I got your phone number through Facebook”. Facebook’s reply on his submission was that the “Who can look me up” settings are set to Public. After reading this, I decided to have a look at…

As always, I started with reading the rules. The goal is to execute alert(document.domain) on the challenge-1220.intigriti.io domain. Self XSS and MiTM attacks are not in scope, and the solution should work on the latest version of Firefox and Chrome. The first thing I did was using the calculator like…

Like you should do with every challenge, I started with reading the rules. Those were clear. The goal was to execute alert(document.domain) on the challenge-1120.intigriti.io domain, without using self-xss or MiTM attacks. The attack should work in the latest version of Chrome and Firefox. While looking at the html of…

When I started with bug bounty hunting, I became interested in all bugs related to URLs, one of my favorite and easy to exploit / find bugs, are broken link takeovers. I have found a few since I started, but all of them were links to nonexistent social media accounts…

While I was looking at companies to do my internship at, I found a company with a link to an nonexistent Twitter account. I thought it would be original to use this takeover to apply for an internship, and immediately show them that their site has a broken link. So I created the application with a few tweets, and mailed the company to tell them to look at the twitter account linked to on their site.