Writeups, notes and other stuff

Simple Bugs 0x02: Overwriting Uploaded Files

File upload bugs are not as common as before, but they’re still out there. They can be of any priority level, from informational to critical.

Introduction

A forum allows you to create a profile and upload a picture. A simple and ordinary feature. Even though it uses legacy technology such as PHP, it is as hardened as possible. When this is the case, you need to go beyond the standard techniques, but this doesn’t mean they are complex....

April 6, 2023 · 3 min

Simple Bugs 0x01: Password Changing to Account Takeover

Newcomers think bug hunting and hacking are complex and impossible. You only need the right mindset, basic bugs, and some basic tooling. This series of posts will show you it can be as simple as possible.

Introduction

There’s almost no bug better than an account takeover. If you are a malicious hacker, this would be one of the best bugs you could find. It would be expensive on the dark market....

April 3, 2023 · 5 min