Hello Members, I am Vishal Bharad. Works as Penetration Tester and from India.
Here I am Back with another Interesting blog on How I Hacked Everyone’s Resume/CV’s on Job Search Portal and got €€€ (Euro).
First of all this is the one of the Simplest Vulnerability which rated in CRITICAL Category on Intigriti.
I started Bug bounty on intigriti.com and while searching for programs I got one program which is related to job search portal. As there are so many programs on intigriti related to job search :D.
So they not allowed to exposed vulnerabilities related to there program so…
Hello Guys hope you all are doing well, fine and healthy during this hard time.
Introduction :
Hello, I am Vishal Bharad, from India and working as Penetration Tester, Now today I am going to share how I found Stored Cross-Site Scripting (XSS) in icloud.com.
Initial Discovery & Exploitation :
First of all I am not the XSS guy :D
Finally I decided to hunt on Apple. As we all know that apple is having large scope so I blindly choose icloud.com and decided to find at least 1 bug on icloud.com.
I tried many vulnerabilities on icloud.com such as…
Hello Members, I am Vishal Bharad. Works as Security Researcher and pursuing OSCP. Here I am Back with another Interesting blog on Full Account Takeover Via Modifying Email ID.
Vulnerable Product — Codeigniter 3.0.0 (Authentication) Web Application Framework
Vulnerability Type — Insecure Permissions
Affected Component — Login page form.
Attack Type — Remote
Impact Escalation of Privileges — true
Here in Authentication Library there are many Simple, Fast and Lightweight auth codeigniter.
Feature: -Add user -Delete user -Ban, Unban user -Register new user sent to email token -Forget password -Role user level — Vulnerable Feature -Edit user profile -Gravatar user…
Introduction :
Hello, I am Vishal Bharad. I’m here to share about my findings on Stored XSS on Angular JS 1.4.9
Angular JS is a Javascript Framework used in Many Websites. But in this the XSS will not able to validate on the server side. Its only validate on the Client side. Means when we simply type payload in input field it gives an error. But when we put the payload in Burp Suite and then forward it. It actually Accept It.
About the Vulnerability :
For Discovering this bug I got the page in which I got the Input…
Introduction :
Hello, I am Vishal Bharad & I am Mechanical Engineer :D and working as Penetration Tester. I’m here to share about my findings on Prototype 1.6.0.1 Framework Which is Used in Many Websites.
About the Vulnerability :
I have got the url like https://support.target.com. So I have got the Improper Access Control Vulnerability. which is Similar like to Insecure Direct Object Reference.
For Discovering the bug I have tested many tricks on the various websites. After Deep Research I have got the Prototype 1.6.0.1 Framework which is Used in Many Websites for Support. Lets Assume https://support.target.com
So then…
Introduction :
Hello Guys Again, I am Vishal Bharad, I’m here again to share about my findings on How I Bypass 2 Factor Authentication via CSRF (Cross Site Request Forgery).
About the Vulnerability :
You all know about the 2FA Bypass Vulnerability. There are some Techniques.
- Bypassing 2fa using conventional session management
- Bypassing 2fa Via OAuth mechanism
- Bypassing 2fa via brute force
- Bypassing 2fa using race conditions (RARE)
- Bypassing 2fa using modifies response
- Bypassing 2fa using Activation link
- Bypassing 2fa in password reset page
But here I am able to disable the 2FA via Client side attack which is CSRF.
…
Introduction :
Hello Again, I am Vishal Bharad, I’m here again to share about my findings on Full Account Takeover on Android Application
About the Vulnerability :
First of all this is the one of the Simplest Vulnerability which rated in P1 Category. For Discovering the bug need to Setup for Android Application Penetration Testing.
Hope You all already know about the Setup of Android Application Penetration Testing. :)
So I am directly started with the Vulnerability that I have identified. Consider I have an Android Application which is target.apk
Tools Used for this Vulnerability:
- BurpSuite
- Genymotion
General Steps:
- First…
Introduction :
Hello, I am Vishal Bharad, I am Mechanical Engineer :D and working as Penetration Tester. I’m here to share about my findings on Full Account Takeover.
About the Vulnerability :
For Discovering the bug I have tested many tricks on the website. Assume redacted.com. When finding the bugs i decided that find some bugs on Forget Password Page.
I tried on many websites about 6 to 8 hours. Then after so many attempts I have found a big and interesting vulnerability which leads to Full Account Takeover
Tools Used for this Vulnerability:
- BurpSuite
- Ngrok Server
Steps to Reproduce:
Vishal Bharad
Penetration Tester, Bug Bounty Hunter, Security Researcher
