Critical 2FA Vulnerability: Reusable TOTP Codes Allow Unauthorized Access

<p> </p><p data-end="471" data-start="180">Two-factor authentication (2FA) is supposed to be one of the strongest layers of account protection. But during routine testing, I discovered a serious issue: the system allows the <strong data-end="397" data-start="361">same Google Authenticator (TOTP)</strong> code to be used <strong data-end="432" data-start="414">multiple times</strong>, even across different login sessions.</p> <p data-end="540" data-start="473">This completely breaks the “one-time” nature of one-time passwords.</p><p data-end="540" data-start="473"> </p><p data-end="540" data-start="473"></p><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiVcVUdFVCnU1lkS4LTnDkvuxYu2gG7eDnq5kHueG9Vi9RvDEcHVqXcsNBVvC4M5Z7RWa1HE5Nt06Snnls7poB9AMb1JwedK0t2xyeKpQ-9WGqRB3wCH4-aACGz0t_XHalEEyT-4REfjUuKpWbpaA80B00W_5n5Lb6dMni_G6QiMAr6TJ08aeGvJoTAKRc/s1024/Gemini_Generated_Image_th9l8hth9l8hth9l.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="1024" data-original-width="1024" height="430" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiVcVUdFVCnU1lkS4LTnDkvuxYu2gG7eDnq5kHueG9Vi9RvDEcHVqXcsNBVvC4M5Z7RWa1HE5Nt06Snnls7poB9AMb1JwedK0t2xyeKpQ-9WGqRB3wCH4-aACGz0t_XHalEEyT-4REfjUuKpWbpaA80B00W_5n5Lb6dMni_G6QiMAr6TJ08aeGvJoTAKRc/w430-h430/Gemini_Generated_Image_th9l8hth9l8hth9l.png" width="430" /></a></div><br /> <p></p> <hr data-end="545" data-start="542" /> <h2 data-end="574" data-start="547"><strong data-end="574" data-start="550">📌 What’s the Issue?</strong></h2> <p data-end="677" data-start="576">The system does not mark a TOTP code as “used” after successful login.<br data-end="649" data-start="646" /> Because of this, anyone can:</p> <ul data-end="838" data-start="679"><li data-end="717" data-start="679"> <p data-end="717" data-start="681">Enter the TOTP code in one browser</p> </li><li data-end="773" data-start="718"> <p data-end="773" data-start="720">Reuse the <em data-end="736" data-start="730">same</em> code in another browser or session</p> </li><li data-end="838" data-start="774"> <p data-end="838" data-start="776">Successfully log in again before the 30-second interval ends</p> </li></ul> <p data-end="917" data-start="840">This makes it possible for an attacker to replay a valid code and bypass 2FA.</p> <hr data-end="922" data-start="919" /> <h2 data-end="952" data-start="924"><strong data-end="952" data-start="927">🧪 Steps to Reproduce</strong></h2> <ol data-end="1318" data-start="954"><li data-end="993" data-start="954"> <p data-end="993" data-start="957">Enable 2FA (Google Authenticator).</p> </li><li data-end="1053" data-start="994"> <p data-end="1053" data-start="997">Open <strong data-end="1015" data-start="1002">Browser 1</strong> → log in and reach the TOTP screen.</p> </li><li data-end="1140" data-start="1054"> <p data-end="1140" data-start="1057">Open <strong data-end="1087" data-start="1062">Browser 2 / Incognito</strong> → repeat the login and reach the same TOTP screen.</p> </li><li data-end="1203" data-start="1141"> <p data-end="1203" data-start="1144">Open Google Authenticator → get the current 6-digit code.</p> </li><li data-end="1254" data-start="1204"> <p data-end="1254" data-start="1207">Enter the code in Browser 1 → login succeeds.</p> </li><li data-end="1318" data-start="1255"> <p data-end="1318" data-start="1258">Enter the <strong data-end="1281" data-start="1268">same code</strong> in Browser 2 → login succeeds again.</p> </li></ol> <p data-end="1399" data-start="1320">The TOTP is accepted twice (or more), even though it should only be valid once.</p> <hr data-end="1404" data-start="1401" /> <h2 data-end="1432" data-start="1406"><strong data-end="1432" data-start="1409">🎯 Why This Matters</strong></h2> <p data-end="1532" data-start="1434">TOTP is designed to be a <strong data-end="1471" data-start="1459">one-time</strong> password.<br data-end="1484" data-start="1481" /> If a system allows reuse, it opens the door for:</p> <ul data-end="1663" data-start="1534"><li data-end="1552" data-start="1534"> <p data-end="1552" data-start="1536">Replay attacks</p> </li><li data-end="1584" data-start="1553"> <p data-end="1584" data-start="1555">Unauthorized account access</p> </li><li data-end="1606" data-start="1585"> <p data-end="1606" data-start="1587">Session hijacking</p> </li><li data-end="1663" data-start="1607"> <p data-end="1663" data-start="1609">Increased risk when codes are intercepted or exposed</p> </li></ul> <p data-end="1745" data-start="1665">A valid TOTP code becomes far more dangerous when it can be used more than once.</p> <hr data-end="1750" data-start="1747" /> <h2 data-end="1777" data-start="1752"><strong data-end="1777" data-start="1755">🛠 Recommended Fix</strong></h2> <p data-end="1837" data-start="1779">Implement <strong data-end="1817" data-start="1789">one-time use enforcement</strong> for each TOTP code:</p> <ul data-end="2038" data-start="1839"><li data-end="1921" data-start="1839"> <p data-end="1921" data-start="1841">Once a TOTP for a specific timestamp is successfully used, store it as “used.”</p> </li><li data-end="2038" data-start="1922"> <p data-end="2038" data-start="1924">Reject any future attempt using the same timestamp/code combination—even if it’s within the same 30-second window.</p> </li></ul> <p data-end="2058" data-start="2040">In simple terms:</p> <blockquote data-end="2135" data-start="2059"> <p data-end="2135" data-start="2061"><strong data-end="2135" data-start="2061">Don’t allow the same TOTP timestamp to pass validation more than once.</strong></p> </blockquote> <hr data-end="2140" data-start="2137" /> <h2 data-end="2162" data-start="2142"><strong data-end="2162" data-start="2145">💬 Conclusion</strong></h2> <p data-end="2354" data-start="2164">This vulnerability weakens the security of an otherwise strong 2FA system. By allowing TOTP reuse, the door is left open for attackers to exploit replay attacks and gain unauthorized access.</p> <p data-end="2439" data-start="2356">Fixing this requires a straightforward change: treat each TOTP as truly <em data-end="2438" data-start="2428">one-time</em>.</p>

Critical 2FA Vulnerability: Reusable TOTP Codes Allow Unauthorized Access

  Two-factor authentication (2FA) is supposed to be one of the strongest layers of account protection. But during routine testing, I discove...

Read more »

IP Rotation Loophole That Breaks Traditional Rate Limiting

<p> </p><p data-end="596" data-start="277">Rate limiting is one of the oldest and most widely used defenses in web security. It’s supposed to help protect login forms, password-reset flows, and other sensitive endpoints from abuse. But as the internet evolves, so do the tools attackers use—and some longstanding defenses no longer hold up the way they once did.</p><p data-end="596" data-start="277"> </p><p data-end="596" data-start="277"></p><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjV7qXKbaSawskWlOECRqG7qdufpRslL49mG3pP-Zt5Sixo_nkXaiwvuVZwAUjGo9Lol1FMo5Be_i9tFLe2VvmvSK4LAv6F4_VjjffKFtbyBhd8iWApCedmhXqBEuLXLpi47lnLgsMPbW_2lGSN3kVJaXABtk_etzbTWQzqZs0tE9VbfRQqn0gn1ajNRXM/s1024/Gemini_Generated_Image_ab516pab516pab51.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="1024" data-original-width="1024" height="530" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjV7qXKbaSawskWlOECRqG7qdufpRslL49mG3pP-Zt5Sixo_nkXaiwvuVZwAUjGo9Lol1FMo5Be_i9tFLe2VvmvSK4LAv6F4_VjjffKFtbyBhd8iWApCedmhXqBEuLXLpi47lnLgsMPbW_2lGSN3kVJaXABtk_etzbTWQzqZs0tE9VbfRQqn0gn1ajNRXM/w530-h530/Gemini_Generated_Image_ab516pab516pab51.png" width="530" /></a></div><br /> <p></p> <p data-end="935" data-start="598">Recently, while testing the security of a “Forgot Password” flow, I uncovered a flaw that highlights just how outdated IP-based rate limiting has become. With nothing more than basic IP rotation techniques, I was able to bypass the application’s throttling entirely and send unlimited password-reset requests to any target email address.</p> <p data-end="1094" data-start="937">This post walks through what I discovered, why it matters, and why developers need to rethink how they design defenses for critical authentication endpoints.</p> <hr data-end="1099" data-start="1096" /> <h2 data-end="1152" data-start="1101"><strong data-end="1152" data-start="1104">The Problem With IP-Based Throttling in 2025</strong></h2> <p data-end="1210" data-start="1154">Most applications today still follow a familiar pattern:</p> <ol data-end="1394" data-start="1212"><li data-end="1273" data-start="1212"> <p data-end="1273" data-start="1215">A user enters their email into the “Forgot Password” form.</p> </li><li data-end="1307" data-start="1274"> <p data-end="1307" data-start="1277">The server sends a reset link.</p> </li><li data-end="1394" data-start="1308"> <p data-end="1394" data-start="1311">To prevent abuse, the server limits how many requests can be made from the same IP.</p> </li></ol> <p data-end="1504" data-start="1396">At first glance, this seems reasonable. But in practice, attackers have countless ways to cycle through IPs:</p> <ul data-end="1730" data-start="1506"><li data-end="1533" data-start="1506"> <p data-end="1533" data-start="1508">VPNs and proxy services</p> </li><li data-end="1561" data-start="1534"> <p data-end="1561" data-start="1536">Shared hosting networks</p> </li><li data-end="1614" data-start="1562"> <p data-end="1614" data-start="1564">Cloud platforms like AWS, DigitalOcean, or Vultr</p> </li><li data-end="1678" data-start="1615"> <p data-end="1678" data-start="1617">IPv6 subnets that come with <em data-end="1656" data-start="1645">trillions</em> of unique addresses</p> </li><li data-end="1730" data-start="1679"> <p data-end="1730" data-start="1681">Botnets of compromised devices around the world</p> </li></ul> <p data-end="1835" data-start="1732">What does this mean?<br data-end="1755" data-start="1752" /> It means that IP-based rate limiting <strong data-end="1834" data-start="1792">no longer meaningfully limits anything</strong>.</p> <hr data-end="1840" data-start="1837" /> <h2 data-end="1879" data-start="1842"><strong data-end="1879" data-start="1845">What I Observed During Testing</strong></h2> <p data-end="1900" data-start="1881">My test was simple:</p> <ol data-end="2078" data-start="1902"><li data-end="1964" data-start="1902"> <p data-end="1964" data-start="1905">Submit multiple password-reset requests for the same email.</p> </li><li data-end="2047" data-start="1965"> <p data-end="2047" data-start="1968">Wait until the server returns a “too many attempts” or “rate limited” response.</p> </li><li data-end="2064" data-start="2048"> <p data-end="2064" data-start="2051">Change my IP.</p> </li><li data-end="2078" data-start="2065"> <p data-end="2078" data-start="2068">Try again.</p> </li></ol> <p data-end="2232" data-start="2080">Each time I switched IPs, the server completely reset the throttle. I was treated as a brand-new user—able to send more password-reset emails instantly.</p> <p data-end="2392" data-start="2234">It didn’t matter that I was requesting resets for the same email, in the same pattern, seconds apart. The only thing the server cared about was the client IP.</p> <p data-end="2410" data-start="2394">This meant that:</p> <ul data-end="2601" data-start="2412"><li data-end="2462" data-start="2412"> <p data-end="2462" data-start="2414">An attacker could send <em data-end="2448" data-start="2437">unlimited</em> reset emails.</p> </li><li data-end="2511" data-start="2463"> <p data-end="2511" data-start="2465">A user could be mail-bombed into submission.</p> </li><li data-end="2601" data-start="2512"> <p data-end="2601" data-start="2514">The underlying authentication endpoint could be brute-forced across thousands of IPs.</p> </li></ul> <p data-end="2728" data-start="2603">In short: the system’s main line of defense could be bypassed with a technique available to <em data-end="2703" data-start="2695">anyone</em> with a VPN subscription.</p> <hr data-end="2733" data-start="2730" /> <h2 data-end="2777" data-start="2735"><strong data-end="2777" data-start="2738">Real-World Abuse Isn’t Hypothetical</strong></h2> <p data-end="3006" data-start="2779">This kind of vulnerability has precedent. One of the most infamous examples was the 2015 Apple “Celebgate” incident, where attackers brute-forced credentials against an Apple endpoint that relied heavily on IP-based throttling.</p> <p data-end="3073" data-start="3008">The takeaway from that event—and countless others since—is clear:</p> <blockquote data-end="3164" data-start="3075"> <p data-end="3164" data-start="3077"><strong data-end="3164" data-start="3077">IP-based rate limiting is not a modern security control. It’s a speed bump at best.</strong></p> </blockquote> <p data-end="3240" data-start="3166">Yet many applications still depend on it as if it were a reliable barrier.</p> <hr data-end="3245" data-start="3242" /> <h2 data-end="3280" data-start="3247"><strong data-end="3280" data-start="3250">Why It Matters: The Impact</strong></h2> <p data-end="3343" data-start="3282">This loophole opens the door to a range of abusive behaviors:</p> <h3 data-end="3368" data-start="3345"><strong data-end="3368" data-start="3349">1. Mail Bombing</strong></h3> <p data-end="3482" data-start="3369">A malicious actor could bombard a victim’s inbox with hundreds or thousands of password-reset emails.<br data-end="3473" data-start="3470" /> This can:</p> <ul data-end="3590" data-start="3484"><li data-end="3520" data-start="3484"> <p data-end="3520" data-start="3486">overwhelm and frustrate the user</p> </li><li data-end="3556" data-start="3521"> <p data-end="3556" data-start="3523">hide legitimate security alerts</p> </li><li data-end="3590" data-start="3557"> <p data-end="3590" data-start="3559">degrade trust in the platform</p> </li></ul> <h3 data-end="3626" data-start="3592"><strong data-end="3626" data-start="3596">2. Distributed Brute Force</strong></h3> <p data-end="3799" data-start="3627">Login or reset endpoints that rely solely on IP throttling are particularly vulnerable.<br data-end="3717" data-start="3714" /> Attackers can distribute attempts across many IPs and avoid triggering any alarms.</p> <h3 data-end="3834" data-start="3801"><strong data-end="3834" data-start="3805">3. User Experience Damage</strong></h3> <p data-end="3976" data-start="3835">If users regularly receive unsolicited reset emails, they’ll perceive the platform as insecure—even if their account hasn’t been compromised.</p> <h3 data-end="4015" data-start="3978"><strong data-end="4015" data-start="3982">4. Potential Account Takeover</strong></h3> <p data-end="4150" data-start="4016">If combined with weak tokens, predictable reset flows, or other vulnerabilities, this issue could escalate to full account compromise.</p> <hr data-end="4155" data-start="4152" /> <h2 data-end="4197" data-start="4157"><strong data-end="4197" data-start="4160">Why This Is So Easy for Attackers</strong></h2> <p data-end="4256" data-start="4199">The reality is that rotating IP addresses is now trivial:</p> <ul data-end="4518" data-start="4258"><li data-end="4375" data-start="4258"> <p data-end="4375" data-start="4260">Many cloud providers offer full <em data-end="4309" data-start="4292">/64 IPv6 ranges</em>, giving attackers access to <strong data-end="4356" data-start="4338">18 quintillion</strong> addresses per VPS.</p> </li><li data-end="4442" data-start="4376"> <p data-end="4442" data-start="4378">Modern botnets contain millions of globally distributed devices.</p> </li><li data-end="4518" data-start="4443"> <p data-end="4518" data-start="4445">Proxy and VPN networks offer automated IP rotation as a standard feature.</p> </li></ul> <p data-end="4629" data-start="4520">A security control that assumes “one user = one IP” simply doesn’t reflect the state of the internet anymore.</p> <hr data-end="4634" data-start="4631" /> <h2 data-end="4692" data-start="4636"><strong data-end="4692" data-start="4639">How to Fix It: Modern Defenses That Actually Work</strong></h2> <p data-end="4841" data-start="4694">To meaningfully protect password-reset flows and similar endpoints, developers need to adopt <em data-end="4818" data-start="4787">multi-layered, identity-aware</em> mitigation strategies.</p> <p data-end="4879" data-start="4843">Here are the most effective options:</p> <h3 data-end="4910" data-start="4881"><strong data-end="4910" data-start="4885">1. CAPTCHA Challenges</strong></h3> <p data-end="5010" data-start="4911">A CAPTCHA (invisible or user-facing) prevents automated mass requests even across thousands of IPs.</p> <h3 data-end="5062" data-start="5012"><strong data-end="5062" data-start="5016">2. Rate Limiting Based on the Target Email</strong></h3> <p data-end="5152" data-start="5063">Instead of only limiting per-IP, also limit how often <strong data-end="5131" data-start="5117">each email</strong> can receive a reset.</p> <h3 data-end="5195" data-start="5154"><strong data-end="5195" data-start="5158">3. Behavioral and Velocity Checks</strong></h3> <p data-end="5212" data-start="5196">Look beyond IPs:</p> <ul data-end="5311" data-start="5213"><li data-end="5237" data-start="5213"> <p data-end="5237" data-start="5215">browser fingerprints</p> </li><li data-end="5258" data-start="5238"> <p data-end="5258" data-start="5240">request velocity</p> </li><li data-end="5289" data-start="5259"> <p data-end="5289" data-start="5261">unusual patterns or bursts</p> </li><li data-end="5311" data-start="5290"> <p data-end="5311" data-start="5292">device reputation</p> </li></ul> <h3 data-end="5353" data-start="5313"><strong data-end="5353" data-start="5317">4. Honeypots or Invisible Fields</strong></h3> <p data-end="5442" data-start="5354">Bots often fill fields humans never touch—this is an easy way to detect automated abuse.</p> <h3 data-end="5479" data-start="5444"><strong data-end="5479" data-start="5448">5. Abuse Detection Services</strong></h3> <p data-end="5641" data-start="5480">Modern WAFs (Web Application Firewalls) and anti-bot platforms use IP reputation, machine learning, and behavioral signals that far outperform raw IP throttling.</p> <h3 data-end="5665" data-start="5643"><strong data-end="5665" data-start="5647">6. User Alerts</strong></h3> <p data-end="5754" data-start="5666">Notify users when multiple reset attempts occur. Visibility itself is a form of defense.</p>

IP Rotation Loophole That Breaks Traditional Rate Limiting

  Rate limiting is one of the oldest and most widely used defenses in web security. It’s supposed to help protect login forms, password-rese...

Read more »

Acknowledged By Twilio WIth (POC) ( Dos With Email)

<div dir="ltr" style="text-align: left;" trbidi="on"> I Reported Logical Denial Of Service Bug To Twilio. They Accept My Report And Decided To Provide Me Hall Of Fame + Bounty. <br /> <br /> <br /> <b>Small Description :-</b> i m able to create a email with 100000000000000 words so , when i use that email on login page its make sites unavailable. <br /> <br /> <br /> <b>About Bug:-</b>  Google Says<span class="_Tgc"> <b>denial-of-service</b> (<b>DoS</b>) <b>attack</b> is an attempt to make a machine or network resource unavailable to its intended users, such as to temporarily or indefinitely interrupt or suspend services of a host connected to the Internet.</span><br /> <br /> <br /> <div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhB3iTNQWGuRg1M7y45SEpxKROZr4EtXsZLOnySLZEp-67t4Jut8mmFynI8GsBggGBwETyaDmaDMKVbLEdPqfi0dCmYtOvNlF7h65mX9nAYAMVq7xYjK-FKI7Jplbni4ds69u0-Imnut2zo/s1600/twilio.JPG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="300" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhB3iTNQWGuRg1M7y45SEpxKROZr4EtXsZLOnySLZEp-67t4Jut8mmFynI8GsBggGBwETyaDmaDMKVbLEdPqfi0dCmYtOvNlF7h65mX9nAYAMVq7xYjK-FKI7Jplbni4ds69u0-Imnut2zo/s400/twilio.JPG" width="400" /></a></div> <br /> <br /> <span class="_Tgc"><b>Hall Of Fame Link :-  <a href="https://bugcrowd.com/twilio/hall-of-fame">https://bugcrowd.com/twilio/hall-of-fame</a></b></span><br /> <br /> <br /> <br /> Thanks for reading...</div>

Acknowledged By Twilio WIth (POC) ( Dos With Email)

I Reported Logical Denial Of Service Bug To Twilio. They Accept My Report And Decided To Provide Me Hall Of Fame + Bounty. Small Descr...

Read more »

Acknowledged By Jet WIth (POC) ( Dos With Password)

<div dir="ltr" style="text-align: left;" trbidi="on"> I Reported Logical Denial Of Service Bug To Jet. They Accept My Report And Decided To Provide Me Hall Of Fame + Bounty. <br /> <br /> <br /> <b>Small Description :-</b> i m able to create a password with 100000000000000 words so , when i use that password on login page its make sites unavailable. <br /> <br /> <br /> <b>About Bug:-</b>  Google Says<span class="_Tgc"> <b>denial-of-service</b> (<b>DoS</b>) <b>attack</b> is an attempt to make a machine or network resource unavailable to its intended users, such as to temporarily or indefinitely interrupt or suspend services of a host connected to the Internet.</span><br /> <br /> <span class="_Tgc"><b>Hall Of Fame Link :-  <a href="https://bugcrowd.com/jet/hall-of-fame">https://bugcrowd.com/jet/hall-of-fame</a></b></span><br /> <br /> <br /> <div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhcUXlT4YPEqjxnBJsBUK2jg5xcZSS4uDpdfq5cjnwxwON4l3o7o5alog7AVDtoiHsbp8GBCXz0r1tzXEsSrVXvT8F4eGR3T3IM7GHdYyvuDIjbkb_F6ivgPOtCGr0gGMIL6ASzK9-rl7Dx/s1600/jet.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="300" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhcUXlT4YPEqjxnBJsBUK2jg5xcZSS4uDpdfq5cjnwxwON4l3o7o5alog7AVDtoiHsbp8GBCXz0r1tzXEsSrVXvT8F4eGR3T3IM7GHdYyvuDIjbkb_F6ivgPOtCGr0gGMIL6ASzK9-rl7Dx/s400/jet.jpg" width="400" /> </a></div> <div class="separator" style="clear: both; text-align: center;"> <br /></div> <br /> <span class="_Tgc">Thanks for reading......<b> </b></span></div>

Acknowledged By Jet WIth (POC) ( Dos With Password)

I Reported Logical Denial Of Service Bug To Jet. They Accept My Report And Decided To Provide Me Hall Of Fame + Bounty. Small Descript...

Read more »

Acknowledged By Itbit WIth (POC) ( Dos With Password)

<div dir="ltr" style="text-align: left;" trbidi="on"> I Reported Logical Denial Of Service Bug To ItBit. They Accept My Report And Decided To Provide Me Hall Of Fame + Bounty. <br /> <br /> <br /> <b>Small Description :-</b> i m able to create a password with 100000000000000 words so , when i use that password on login page its make sites unavailable. <br /> <br /> <br /> <b>About Bug:-</b>  Google Says<span class="_Tgc"> <b>denial-of-service</b> (<b>DoS</b>) <b>attack</b> is an attempt to make a machine or network resource unavailable to its intended users, such as to temporarily or indefinitely interrupt or suspend services of a host connected to the Internet.</span><br /> <br /> <br /> <div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj9mYRnS-Bs8mtiOCWRxQ7LRJf3vCILsZ9eagMJgCKqpfnRlauWWkC54OLmLr_Tdfk3Zk59TDiOSO05C9cxMN6ews4dzg251HQ0wyEGhqFdfvsLRU4lwtETS5-P_K_uVwrIIRfhn55pahBY/s1600/itbit.JPG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="300" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj9mYRnS-Bs8mtiOCWRxQ7LRJf3vCILsZ9eagMJgCKqpfnRlauWWkC54OLmLr_Tdfk3Zk59TDiOSO05C9cxMN6ews4dzg251HQ0wyEGhqFdfvsLRU4lwtETS5-P_K_uVwrIIRfhn55pahBY/s400/itbit.JPG" width="400" /> </a></div> <div class="separator" style="clear: both; text-align: center;"> <br /></div> <br /> <br /> <span class="_Tgc"><b>Hall Of Fame Link :-  <a href="https://hackerone.com/itbit/thanks">https://hackerone.com/itbit/thanks</a></b></span><br /> <br /> <span class="_Tgc"><b>Disclosed Report:-  <a href="https://hackerone.com/reports/98083">https://hackerone.com/reports/98083</a></b></span><br /> <br /> <br /> <span class="_Tgc">Thanks for reading... </span></div>

Acknowledged By Itbit WIth (POC) ( Dos With Password)

I Reported Logical Denial Of Service Bug To ItBit. They Accept My Report And Decided To Provide Me Hall Of Fame + Bounty. Small Descri...

Read more »

Acknowledged By Blockhain WIth (POC)

<div dir="ltr" style="text-align: left;" trbidi="on"> <div id="summary3471379279319678408"> I Reported <span class="_Tgc"><b>Content spoofing</b></span>  Bug To Blockchain They Accept My Report And Decided To Provide Me Hall Of Fame + Bounty.<br /> <br /></div> <div id="summary3471379279319678408"> </div> <div id="summary3471379279319678408"> <b>About Bug:-</b>  Google Says <span class="_Tgc"><b>Content spoofing</b>, also referred to as <b>content</b> injection or virtual defacement, is an attack targeting a user made possible by an injection vulnerability in a web application.</span><br /> <br /></div> <div id="summary3471379279319678408"> </div> <div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhy77HH-qP4-j8e1iSgwDtNFSeTmYaQP1cjZMew7PwTp2aFjfGrcvEIsPoCCRpxrTPAB_ZnhrmXaiQZFc46vnhZ5-4f-1Au94R81EjO7V1assDDraaF-iLJcKx0_U3I9vdCQ5R35LRxLak0/s1600/block.JPG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="300" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhy77HH-qP4-j8e1iSgwDtNFSeTmYaQP1cjZMew7PwTp2aFjfGrcvEIsPoCCRpxrTPAB_ZnhrmXaiQZFc46vnhZ5-4f-1Au94R81EjO7V1assDDraaF-iLJcKx0_U3I9vdCQ5R35LRxLak0/s400/block.JPG" width="400" /></a></div> <div id="summary3471379279319678408"> </div> <div id="summary3471379279319678408"> <br /> <br /> <span class="_Tgc"><b>Vulnerable Link :-</b> <a href="https://goo.gl/g2FW2O">https://goo.gl/g2FW2O</a></span></div> <div id="summary3471379279319678408"> <span class="_Tgc"><br /></span></div> <div id="summary3471379279319678408"> <b><span class="_Tgc">Hall Of Fame :- </span></b><a href="https://cobalt.io/blockchain-info/hall-of-fame/all"><span class="_Tgc">https://cobalt.io/blockchain-info/hall-of-fame/all</span></a><br /> <br /></div> <div id="summary3471379279319678408"> </div> <div id="summary3471379279319678408"> <span class="_Tgc">Thanks for reading .. </span></div> <div id="summary3471379279319678408"> <span class="_Tgc"><br /></span></div> <div id="summary3471379279319678408"> </div> </div>

Acknowledged By Blockhain WIth (POC)

I Reported Content spoofing   Bug To Blockchain They Accept My Report And Decided To Provide Me Hall Of Fame + Bounty. About Bug:-   ...

Read more »

Acknowledged By Apptentive (Certificate + T-shirt)

<div dir="ltr" style="text-align: left;" trbidi="on"> <div class="separator" style="clear: both; text-align: center;"> </div> <div class="separator" style="clear: both; text-align: left;"> I Reported Cross Site Request Forgery  Bug To Apptentive They Accept My Report And Decided To Provide Me Certificate + T-shirt.</div> <br /> <b>About Bug:- </b><br /> <br /> <span class="_Tgc">Google Says Cross-Site Request Forgery (<b>CSRF</b>) is a type of attack that occurs when a malicious Web site, email, blog, instant message, or program causes a user's Web browser to perform an unwanted action on a trusted site for which the user is currently authenticated.</span><br /> <div class="separator" style="clear: both; text-align: left;"> <span class="_Tgc"> </span> </div> <div class="separator" style="clear: both; text-align: center;"> </div> <div class="separator" style="clear: both; text-align: center;"> </div> <div class="separator" style="clear: both; text-align: center;"> <img border="0" height="320" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhr0tsvWIfXEmf0FqTEsEzbue1yVsEX0vdpk1xRIk_0T8rnz1SLvmF_xLoK3FKLSaBaPTb6X-6VmNAj4oGWcxbKxb46nLhYzMCNk_9-F0Yk9nxhnuryFGuiSVP31y0NcXQl7ajTgqONMr5C/s320/certi.jpg" width="244" /></div> <br /></div>

Acknowledged By Apptentive (Certificate + T-shirt)

I Reported Cross Site Request Forgery  Bug To Apptentive They Accept My Report And Decided To Provide Me Certificate + T-shirt. About ...

Read more »

Acknowledged By Urban Airship (T-shirt + Hall Of Fame)

<div dir="ltr" style="text-align: left;" trbidi="on"> I Reported Misconfigured SPF Bug To Urban Airship They Accept My Report And Decided To Provide  Me T-shirt + Hall Of Fame<br /> <br /> <span class="_Tgc"><b>Google Says About </b></span><span class="_Tgc"><b>Misconfigured Spf if there is no spf or </b></span>misconfigured spf issue on any websites its fully leads to spoof mails. attacker can manage to send fake mail  from anything@example.com.<br /> <br /> <b>Hall Of Fame Link:-</b> <a href="http://urbanairship.com/full-disclosure-security-policy">http://urbanairship.com/full-disclosure-security-policy</a><br /> <br /> <br /> <div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEigZGckOaB0QkBXkL7hYcvIzmw1PZ97xWP-KN3WqADlLusJ0Xz6m7RlCOm5GSo_x7HmQgQ2gDu1keRbPfjsRNP___EDqEdko1ormTr3vzwHBmnzQPyVe2ro7X1ggLeAbREmHwf2FyBh437X/s1600/airship.JPG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="242" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEigZGckOaB0QkBXkL7hYcvIzmw1PZ97xWP-KN3WqADlLusJ0Xz6m7RlCOm5GSo_x7HmQgQ2gDu1keRbPfjsRNP___EDqEdko1ormTr3vzwHBmnzQPyVe2ro7X1ggLeAbREmHwf2FyBh437X/s400/airship.JPG" width="400" /></a></div> </div>

Acknowledged By Urban Airship (T-shirt + Hall Of Fame)

I Reported Misconfigured SPF Bug To Urban Airship They Accept My Report And Decided To Provide  Me T-shirt + Hall Of Fame Google Says Abo...

Read more »

Acknowledged By Jumplead (Hall Of Fame)

<div dir="ltr" style="text-align: left;" trbidi="on"> <div class="separator" style="clear: both; text-align: left;"> I Reported Broken Authentication Bug To Jumplead They Accept My Report And Decided To Provide Me Hall Of Fame.</div> <div class="separator" style="clear: both; text-align: left;"> <br /></div> <div class="separator" style="clear: both; text-align: left;"> <span class="_Tgc"><b>Google Says</b></span> when authentication function application are not worked correctly which will allow hackers to compromise passwords or session id's or to exploit other users using other users credentials.</div> <div class="separator" style="clear: both; text-align: left;"> <br /></div> <div class="separator" style="clear: both; text-align: left;"> <b>Hall Of Fame Link:</b>- <a href="https://jumplead.com/about/security">https://jumplead.com/about/security</a> </div> <div class="separator" style="clear: both; text-align: left;"> <br /></div> <div class="separator" style="clear: both; text-align: center;"> <br /></div> <div class="separator" style="clear: both; text-align: center;">  <img border="0" height="150" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi0uLUXQJHxvPoWtMCZuuKSOoHVAekanUkYyH9rGA7XrBUqbYqUoxyDempSYufpjpNejALf1sb4alRwHMwwujJ3lYodbTx7rwyyWIRwjsGox4OSsBT9zVgM9CWe1EgjmqCScaWJaJyzmqLZ/s400/jumplead.JPG" width="400" /></div> <br /></div>

Acknowledged By Jumplead (Hall Of Fame)

I Reported Broken Authentication Bug To Jumplead They Accept My Report And Decided To Provide Me Hall Of Fame. Google Says when authe...

Read more »

Acknowledged By Pagerduty (T-shirt)

<div dir="ltr" style="text-align: left;" trbidi="on"> I Reported Cross Site Request Forgery  Bug To Pagerduty They Accept My Report And Decided To Provide Me T-shirt.<br /> <br /> <b>About Bug:- </b><br /> <br /> <span class="_Tgc">Google Says Cross-Site Request Forgery (<b>CSRF</b>) is a type of attack that occurs when a malicious Web site, email, blog, instant message, or program causes a user's Web browser to perform an unwanted action on a trusted site for which the user is currently authenticated.</span><br /> <br /> <div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjGuUX3c-Mwkbg0ipKiiP8m0QKkXDLYqBMyWGtk4JRSZ6dt8DjgRa9CEEGpFozMj-toh-Bp4hiBdmClC9KTEPJPKydE6bGHXJkZBrJdw2deNOtNGFfNYxwGBtxOM6sxIbIPtZzBJmgk9KVc/s1600/pagerduty.JPG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="227" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjGuUX3c-Mwkbg0ipKiiP8m0QKkXDLYqBMyWGtk4JRSZ6dt8DjgRa9CEEGpFozMj-toh-Bp4hiBdmClC9KTEPJPKydE6bGHXJkZBrJdw2deNOtNGFfNYxwGBtxOM6sxIbIPtZzBJmgk9KVc/s400/pagerduty.JPG" width="400" /></a></div> </div>

Acknowledged By Pagerduty (T-shirt)

I Reported Cross Site Request Forgery  Bug To Pagerduty They Accept My Report And Decided To Provide Me T-shirt. About Bug:-  Google Sa...

Read more »

How I Convert Self Xss Into Stored Xss On Fb's Oculus

<div dir="ltr" style="text-align: left;" trbidi="on"> Hello guys after a long time i tested facebook <span style="font-weight: normal;">acquisitions</span> oculus first i try to find common bugs like cross site request forgery ,cross site scripting, click jacking , open redirect but oculus main domain is really secure so after sometime  i started testing oculus sub domains and in one of sub domain i got self cross site scripting bug and i converted it into stored cross site scripting sounds cool na?.<br /> <br /> <b>Vulnerable Domain:-  <a href="http://answers.oculus.com/">answers.oculus.com</a></b><a href="http://answers.oculus.com/"><br /></a><br /> <br /> <div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjcfPQzGytSC3NKOBqeT2ShTPoM5aeWf_T0XSY0rMoUPgyceB9a6x_ErBK6DLqIqryzJvtb7etk6sCFP_Y2Sx3cks14p2fj4-iX2mRQeyc8hs_tZ_gh5cwuLER8VzvhV0dEdv6feLDWzwF8/s1600/xsss.JPG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="258" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjcfPQzGytSC3NKOBqeT2ShTPoM5aeWf_T0XSY0rMoUPgyceB9a6x_ErBK6DLqIqryzJvtb7etk6sCFP_Y2Sx3cks14p2fj4-iX2mRQeyc8hs_tZ_gh5cwuLER8VzvhV0dEdv6feLDWzwF8/s400/xsss.JPG" width="400" /></a></div> <br /> <div style="text-align: center;"> <b>SO HERE IS PROOF OF CONCEPT</b></div> <div style="text-align: center;"> <b>   </b></div> <div style="text-align: center;"> <br /></div> <div class="separator" style="clear: both; text-align: center;"> <iframe allowfullscreen="" class="YOUTUBE-iframe-video" data-thumbnail-src="https://i.ytimg.com/vi/2aCdA4IhsIo/0.jpg" frameborder="0" height="266" src="https://www.youtube.com/embed/2aCdA4IhsIo?feature=player_embedded" width="320"></iframe> </div> <div class="separator" style="clear: both; text-align: center;"> <br /></div> <div class="separator" style="clear: both; text-align: center;"> <br /></div> <div class="separator" style="clear: both; text-align: center;"> hope you like my finding if you have any questions then please drop your comment i will try my best to answer your questions.  </div> <div style="text-align: center;"> <b>  </b></div> </div>

How I Convert Self Xss Into Stored Xss On Fb's Oculus

Hello guys after a long time i tested facebook acquisitions oculus first i try to find common bugs like cross site request forgery ,cross ...

Read more »

75% Yahoo Subdomains Are Vulnerable With Poodle

<div dir="ltr" style="text-align: left;" trbidi="on"> <b>Hello guys on this post i am going to share something interesting with you yesterday (4/6/2015) i was testing yahoo and when i test its sub domains i notice that 75% of yahoo sub domains are vulnerable with poodle. :D</b><br /> <b><br /></b> <br /> <div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEidnXzH0R76sT3OFMFgYCE115VJV_2tzd5_xYW0bUQ0YkDEJET_2EO1a8NBiJzSYo5CtGeh_0MNsjEffCnEzk-qzVcqDgkPPeMxB1FbvlK0OzGwWJFCPf0_1R4SQHsc4ohnYjPSnTmg-mun/s1600/hull.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="384" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEidnXzH0R76sT3OFMFgYCE115VJV_2tzd5_xYW0bUQ0YkDEJET_2EO1a8NBiJzSYo5CtGeh_0MNsjEffCnEzk-qzVcqDgkPPeMxB1FbvlK0OzGwWJFCPf0_1R4SQHsc4ohnYjPSnTmg-mun/s640/hull.jpg" width="640" /></a></div> <div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiOJE3GyEZy9IRYg05UIRiQz0TtlItt_JliohydV4nAY1HmCkoRr0_86ut5ZwvRGAHI8ONV9lIqkYAAz2o5PzMWtOC-Po_AlLxIO_jozWWdqe9bfr8GJUlsVJZutm9cp5yyvhi8dxLQa-Gl/s1600/papapa.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><br /></a></div> <div class="separator" style="clear: both; text-align: center;"> </div> <br /> <b><br /></b> <b>What Is Poodle:- is a vulnerability in the design of SSL version 3.0. The vulnerability allows the decryption to plaintext of secure connections.</b><br /> <b><br /></b> <br /> <div style="text-align: center;"> <b><u>Here are little list of sub domains of yahoo check it 75% domains are vulnerable with poodle vulnerability </u></b></div> <div style="text-align: center;"> <br /> <b>games.yahoo.com</b><br /> <b>news.yahoo.com</b><br /> <b>finance.yahoo.com</b><br /> <b>groups.yahoo.com</b><br /> <b>dev.yahoo.com<br />ns1.yahoo.com<br />directory.yahoo.com<br />images.yahoo.com<br />food.yahoo.com<br />movies.yahoo.com<br />uk.mobile.yahoo.com<br />hk.adspecs.yahoo.com<br />devel.yahoo.com<br />www.answers.yahoo.com<br />weather.yahoo.com<br />football.fantasysports.yahoo.com<br />image.yahoo.com<br />class.yahoo.com<br />data.yahoo.com<br />frontier.yahoo.com<br />marketing.yahoo.com<br />elections.yahoo.com<br />quote.yahoo.com<br />m.yahoo.com<br />ro.yahoo.com<br />login.yahoo.com<br />web.analytics.yahoo.com<br />il.yahoo.com<br />info.yahoo.com<br />sports.yahoo.com<br />jobs.yahoo.com<br />help.yahoo.com<br />sms.yahoo.com<br />download.yahoo.com<br />purinaanimalallstars.yahoo.com<br />pop3.yahoo.com<br />employment.yahoo.com<br />r.yahoo.com<br />adserver.yahoo.com<br />id.yahoo.com<br />extern.yahoo.com<br />uk.antispam.yahoo.com<br />in.business.yahoo.com<br />es.yahoo.com<br />windows.yahoo.com<br />beta.yahoo.com<br />ads.yahoo.com<br />forum.yahoo.com<br />chat.yahoo.com<br />sales.yahoo.com<br />smtp.yahoo.com<br />tv.yahoo.com<br />support.yahoo.com<br />research.yahoo.com<br />eurosport.yahoo.com<br />bugs.yahoo.com<br />email.yahoo.com<br />pulse.yahoo.com<br />discovery.yahoo.com<br />in.yahoo.com<br />health.yahoo.com<br />rogers.software.yahoo.com<br />gallery.yahoo.com<br />cards.yahoo.com<br />site.yahoo.com<br />tax.yahoo.com<br />nz.youth.yahoo.com<br />next.yahoo.com<br />election.yahoo.com<br />wwww.yahoo.com<br />mx.yahoo.com<br />ww.yahoo.com<br />me.yahoo.com<br />express.yahoo.com<br />video.yahoo.com<br />uk.overview.mail.yahoo.com<br />home.yahoo.com<br />system.yahoo.com<br />gma.yahoo.com<br />accounts.yahoo.com<br />exchange.yahoo.com<br />dns.yahoo.com<br />br.yahoo.com<br />be.yahoo.com<br />ca.celebrity.yahoo.com<br />report.yahoo.com<br />account.yahoo.com<br />babelfish.yahoo.com<br />err.yahoo.com<br />shop.yahoo.com<br />digital.yahoo.com<br />uk.mail.yahoo.com<br />uk.messenger.yahoo.com<br />finances.yahoo.com<br />notepad.yahoo.com<br />hk.lifestyle.yahoo.com<br />server.yahoo.com<br />new.yahoo.com<br />msg.edit.yahoo.com<br />uk.calendar.yahoo.com<br />members.yahoo.com<br />uk.tv.yahoo.com<br />brazil.yahoo.com<br />alerts.yahoo.com<br />asia.yahoo.com<br />news.yahoo.com<br />map.yahoo.com<br />business.yahoo.com<br />uk.answers.yahoo.com<br />office.yahoo.com<br />privacy.yahoo.com<br />tech.yahoo.com<br />w.yahoo.com<br />games.yahoo.com<br />att.yahoo.com<br />website.yahoo.com<br />live.yahoo.com<br />mobile.yahoo.com<br />rss.yahoo.com<br />us.data.toolbar.yahoo.com<br />blog.yahoo.com<br />message.yahoo.com<br />9.yahoo.com<br />mlogin.yahoo.com<br />axis.yahoo.com<br />cf.calendar.yahoo.com<br />d.yahoo.com<br />auto.yahoo.com<br />it.yahoo.com<br />hp.yahoo.com<br />digits.yahoo.com<br />tickets.yahoo.com<br />www.littlewoods.com<br />fr.yahoo.com<br />uk.address.yahoo.com<br />radio.yahoo.com<br />maps.yahoo.com<br />tr.yahoo.com<br />phone.yahoo.com<br />relay.yahoo.com<br />events.yahoo.com<br />settings.yahoo.com<br />dk.yahoo.com<br />uk.lifestyle.yahoo.com<br />security.yahoo.com<br />www.labs.yahoo.com<br />mail.yahoo.com<br />groups.yahoo.com<br />www.calendar.yahoo.com<br />finance.yahoo.com<br />tw.promo.yahoo.com<br />uk.search.yahoo.com<br />mim.yahoo.com<br />headlines.yahoo.com<br />uk.yahoo.com<br />my.yahoo.com<br />calendar.yahoo.com<br />au.yahoo.com<br />au.advertising.yahoo.com<br />uk.games.yahoo.com<br />antispam.yahoo.com<br />card.yahoo.com<br />docs.yahoo.com<br />apps.yahoo.com<br />alert.yahoo.com<br />uk.celebrity.yahoo.com<br />profile.yahoo.com<br />enc.yahoo.com<br />intern.yahoo.com<br />za.yahoo.com<br />sip.yahoo.com<br />ph.yahoo.com<br />custom.yahoo.com<br />ibm.yahoo.com<br />src.yahoo.com<br />spam.yahoo.com<br />search.yahoo.com<br />local.yahoo.com<br />uk.yhs4.search.yahoo.com<br />cn.search.yahoo.com<br />profiles.yahoo.com<br />communications.yahoo.com<br />abuse.yahoo.com<br />chile.yahoo.com<br />uk.data.toolbar.yahoo.com<br />avatar.yahoo.com<br />messenger.yahoo.com<br />code.yahoo.com<br />publisher.yahoo.com<br />address.yahoo.com<br />communication.yahoo.com<br />ns3.yahoo.com<br />ns2.yahoo.com<br />images.search.yahoo.com<br />survey.yahoo.com<br />downloads.yahoo.com<br />forums.yahoo.com<br />www.yahoo.com<br />homes.yahoo.com<br />uk.astrology.yahoo.com<br />uk.images.search.yahoo.com<br />developer.yahoo.com<br />style.yahoo.com<br />nl.yahoo.com<br />gr.yahoo.com<br />servers.yahoo.com<br />sg.yahoo.com<br />internet.yahoo.com<br />ca.yahoo.com<br />biz.yahoo.com<br />messages.yahoo.com<br />wap.yahoo.com </b><br /> <br /></div> <div style="text-align: center;"> </div> <div style="text-align: center;"> </div> <div style="text-align: center;"> <b>For Checking It in One Click Go here <a href="https://www.poodlescan.com/">https://www.poodlescan.com</a></b><br /> <b>Enter the domain captions : </b><b><b>games.yahoo.com</b> </b><br /> <b>And it will prompt as vulnerable</b> </div> </div>

75% Yahoo Subdomains Are Vulnerable With Poodle

Hello guys on this post i am going to share something interesting with you yesterday (4/6/2015) i was testing yahoo and when i test its su...

Read more »

Acknowledged By Sellfy (Hall Of Fame)

<div dir="ltr" style="text-align: left;" trbidi="on"> I Reported Cross Site Request Forgery  Bug To Sellfy They Accept My Report And Decided To Provide Me Hall Of Fame.<br /> <br /> <b>About Bug:- </b><br /> <br /> <span class="_Tgc">Google Says Cross-Site Request Forgery (<b>CSRF</b>) is a type of attack that occurs when a malicious Web site, email, blog, instant message, or program causes a user's Web browser to perform an unwanted action on a trusted site for which the user is currently authenticated.</span><br /> <br /> <span class="_Tgc"><b>Hall Of Fame Link :- <a href="https://sellfy.com/security/">https://sellfy.com/security/</a></b></span><br /> <br /> <div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEge9UNHL707m22RcbXNyTG4v9a089FLlegZ0TXonosnQE2LbUq6iBgnc0St6bIe4Defqof2Z5wNtxJcPvnWbgPjBm7O3w50B5STIjuHcQUV1kaQBC8PvgJZvbKMgH_pdJmCUOZumr4PyJ_0/s1600/sellfy.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="240" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEge9UNHL707m22RcbXNyTG4v9a089FLlegZ0TXonosnQE2LbUq6iBgnc0St6bIe4Defqof2Z5wNtxJcPvnWbgPjBm7O3w50B5STIjuHcQUV1kaQBC8PvgJZvbKMgH_pdJmCUOZumr4PyJ_0/s320/sellfy.jpg" width="320" /></a></div> <br /> <br /></div>

Acknowledged By Sellfy (Hall Of Fame)

I Reported Cross Site Request Forgery  Bug To Sellfy They Accept My Report And Decided To Provide Me Hall Of Fame. About Bug:-  Google ...

Read more »

Acknowledged By Pocket (Hall Of Fame)

<div dir="ltr" style="text-align: left;" trbidi="on"> <div class="separator" style="clear: both; text-align: left;"> I Reported Heart bleed Bug To Pocket They Accept My Report And Decided To Provide Me Hall Of Fame.</div> <div class="separator" style="clear: both; text-align: left;"> <br /></div> <div class="separator" style="clear: both; text-align: left;"> <b>About Bug:- </b></div> <div class="separator" style="clear: both; text-align: left;"> <br /></div> The Heartbleed Bug is a serious vulnerability in the popular OpenSSL cryptographic software library. This weakness allows stealing the information protected, under normal conditions, by the SSL/TLS encryption used to secure the Internet. SSL/TLS provides communication security and privacy over the Internet for applications such as web, email, instant messaging (IM) and some virtual private networks (VPNs).<br /> <br /> The Heartbleed bug allows anyone on the Internet to read the memory of the systems protected by the vulnerable versions of the OpenSSL software. This compromises the secret keys used to identify the service providers and to encrypt the traffic, the names and passwords of the users and the actual content. This allows attackers to eavesdrop on communications, steal data directly from the services and users and to impersonate services and users.<br /> <br /> <b>Content From :-</b> http://heartbleed.com/ <br /> <div class="separator" style="clear: both; text-align: left;"> <br /></div> <div class="separator" style="clear: both; text-align: left;"> <br /></div> <div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgsznmc1odsRwDmxNeZHwLCQFzEG3cEnrHG6kUZ0k3JtIF7mX6Ei_ILcD96bRFEc99tc4FeGcX-R-IkNFCxigvoBZKV9cwdVvYDLPifwTABxbnALNmxCyKW6FzbyhQ6CsoONpHpQ8VcnaYr/s1600/fffffffffffffffff.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="300" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgsznmc1odsRwDmxNeZHwLCQFzEG3cEnrHG6kUZ0k3JtIF7mX6Ei_ILcD96bRFEc99tc4FeGcX-R-IkNFCxigvoBZKV9cwdVvYDLPifwTABxbnALNmxCyKW6FzbyhQ6CsoONpHpQ8VcnaYr/s400/fffffffffffffffff.jpg" width="400" /></a></div> <div class="separator" style="clear: both; text-align: left;"> <br /></div> <div class="separator" style="clear: both; text-align: left;"> <br /></div> <div class="separator" style="clear: both; text-align: left;"> </div> <div class="separator" style="clear: both; text-align: left;"> <b>Hall of fame link :-</b> http://help.getpocket.com/customer/portal/articles/1225832-pocket-security-overview</div> </div>

Acknowledged By Pocket (Hall Of Fame)

I Reported Heart bleed Bug To Pocket They Accept My Report And Decided To Provide Me Hall Of Fame. About Bug:- The Heartbleed Bug ...

Read more »

Acknowledged By Newrelic (T-Shirt) With Poc

<div dir="ltr" style="text-align: left;" trbidi="on"> Hello guys today i am going to share my newrelic stored cross site scripting proof of concept hope you like it <br /> <br /> when i reported about this bug to newrelic security team they accept my report and decided to provide me t-shirt.<br /> <br /> Domain:- <a href="http://www.newrelic.com/">www.newrelic.com </a><br /> <br /> <br /> <div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg5BjikhxMHS2eqVJjcQTKcq5qTtAEZtWc4FB4cek9TEDnxfRaGB9YyoyHKONUhfBFgMfV8-RVFZYvo8A_NTNiquQ9J0mNjmhzHUb8sw1gAvP8AmzWnQYDJhYrF9k9YOUTbOy1d5T-mjZWU/s1600/dddddd.bmp" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="300" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg5BjikhxMHS2eqVJjcQTKcq5qTtAEZtWc4FB4cek9TEDnxfRaGB9YyoyHKONUhfBFgMfV8-RVFZYvo8A_NTNiquQ9J0mNjmhzHUb8sw1gAvP8AmzWnQYDJhYrF9k9YOUTbOy1d5T-mjZWU/s400/dddddd.bmp" width="400" /> </a></div> <div class="separator" style="clear: both; text-align: center;"> <br /></div> <h4 class="separator" style="clear: both; text-align: center;"> Stored Cross Site Scripting Proof Of Concept :D</h4> <h4 class="separator" style="clear: both; text-align: center;">  </h4> <div class="separator" style="clear: both; text-align: center;"> <iframe allowfullscreen="" class="YOUTUBE-iframe-video" data-thumbnail-src="https://i.ytimg.com/vi/ggbpsfLT8eA/0.jpg" frameborder="0" height="266" src="https://www.youtube.com/embed/ggbpsfLT8eA?feature=player_embedded" width="320"></iframe></div> <h4 class="separator" style="clear: both; text-align: center;">  </h4> <h4 class="separator" style="clear: both; text-align: center;"> <span style="font-weight: normal;">if you have any question then please drop your question in comment box i will try to reply you soon......</span></h4> <h4 class="separator" style="clear: both; text-align: center;"> </h4> </div>

Acknowledged By Newrelic (T-Shirt) With Poc

Hello guys today i am going to share my newrelic stored cross site scripting proof of concept hope you like it when i reported about this...

Read more »