Collection of Bug Hunting Activity
A story about how I Finally could use an AD account that unenrolled to MFA, by using an EWS Misconfiguration to Access Email Inbox and (Having...
A story about how I got several simple bugs (1 P2, 1 P3, and 2 P4s) on a target (that just allow Specific Country Code to...
How I Finally could Got into an Internal Network (and could accessing all of their internal assets) at One of the Biggest ICT company in the...
CVE-2019–18653 & CVE-2019–18654: The story when Reflected XSS was triggered from the SSID Name (It also affected AVG AntiVirus because basically the product codes were mostly...
The story of when you download a file that looks “legitimate”, but changes when you run the file. In the name of Allah, the Most Gracious,...
In the name of Allah, the Most Gracious, the Most Merciful. – Part I from (hopefully) IV Parts – Update I: Added a “Reference” Section. Update...
In the name of Allah, the Most Gracious, the Most Merciful. Description: The expired subscription pop-up could be bypassed by opening the .pdf document at the...
In the name of Allah, the Most Gracious, the Most Merciful. Please kindly visit this simple paper directly to looking this release in simple:[English Version] IDOR...
In the name of Allah, the Most Gracious, the Most Merciful. Please kindly visit this simple paper directly to looking this release in simple:[English Version] Ribose — IDOR...
In the name of Allah, the Most Gracious, the Most Merciful. Silahkan langsung mengunduh paper sederhana pada tautan berikut untuk dapat melihat tulisan ini lebih nyaman:...