A login page with usernames and passwords mentioned on itself leads to an unrestricted file upload and a Stored XSS


Hi everyone, I am Naveen Prakaasham, a bug bounty hunter and I am going to talk about one of the highest severity bugs I’ve found. This bug I found was on a domain owned by Paytm. You can see their bug bounty program here.

So I began recon on one of the domains mentioned in the scope of the program.

Subdomain enumeration -> Looking for subdomains that are online -> Aquatone -> Looking manually at the report generated. (Just the usual stuff)

(For more information about recon, read this https://twitter.com/Jhaddix/status/1289258603329675264?s=20)

Then I came across an interesting subdomain. The subdomain had…



Hi everyone, hope everyone’s doing fine. It’s been a while since I published anything and now let me tell you in short, the story of the first bug that got me a bounty. So here goes.

A subdomain of the website had an iframe with reference to a domain that did not exist. The domain was available for purchase. So anyone can purchase the domain and serve any content on the subdomain similar to a subdomain takeover.

How I found it

Let’s call the website “domain.com”. I did some initial recon on the domain.

The methodology I followed for doing recon on the domain…


Hi everyone, this time our team of noobs, Schr0ding3r5, decided to participate in NoobCTF 0x1 and we got 52nd place with 1590 points. This is a write-up of the challenges we solved in this CTF. So, let's dive right in…

Welcome — 10 pts

This challenge tells us “Get me in Discord”. So we were looking for a while in the Discord server of the CTF. We found the flag in two parts, in the descriptions of two of the authors.

Flag: noob{w3lc0m3_t0_n00N_CTF_Buddy}

Memory Forensic

In this section, we were provided with a Memory dump in ‘.raw’ format inside a zip file.

In this…


Hey all, hope everyone is doing fine. So, this is a write-up on some of the challenges our team Schr0ding3r5 solved in Castors CTF 2020.

General

Welcome

So, the Welcome challenge was about the Discord server. The Discord server for the CTF used a bot named MEE6. The bot returned the flag if “!flag” was typed in any channel.

Flag: castorsCTF{welcome_player_good_luck_and_have_fun}

For this challenge, there was a page called Readme in the CTF site. The flag was hidden in white text in that page.


Hi everyone! So, I started doing Capture The Flags (CTFs) around a month ago and I am obviously very new to this scene. I found De1CTF on CTFtime and decided to give it a try. I found this particular challenge very interesting, though I took more than 7 hours to solve it. XD. Okay, let's dive right in.

Challenge description

Naveen Prakaasham K S V

Bug Bounty Hunter | CTF player | Student
