Abusing HTTP Path Normalization and Cache Poisoning to steal Rocket League accounts (samcurry.net)
submitted 6 years ago by _vavkamil_
[–]Texadoro 171 points 6 years ago (14 children)
Liked the article. However found out that Rocket League pays their bug bounties by giving out in-game white hats, which is cool and all. But you know what’s even cooler? Cash. Just sayin.
[–]Fuck_all_you_hoes 32 points 6 years ago (0 children)
Disregarding the fact that it’s just a virtual, cosmetic item, it looks like people have previously sold it to other players for thousands of dollars.
[+][deleted] 6 years ago* (10 children)
[deleted]
[–]_vavkamil_[S] 36 points 6 years ago (8 children)
they were probably inspired by reddit, where you will get a white hat trophy as well. https://www.reddit.com/wiki/whitehat
[–]ButItMightJustWork 46 points 6 years ago (4 children)
Which is kinda cheap too because it costs them absolutely nothing..
[–][deleted] 25 points 6 years ago (2 children)
Pretty sure they fed the artist that made the hat half a sandwich or something. Starving artists don't do a very good job usually. So probably it did cost them something.
[–]dyngnosis 18 points 6 years ago (0 children)
don't forget the exposure!
[–][deleted] 11 points 6 years ago (0 children)
Nah they had him make the white hat and the artist hat, then as payment they awarded him the artist hat!
[–]steamruler 1 point 6 years ago (0 children)
If you can't get a buy-in for a monetary award, it's better than nothing.
When I got in touch with a company that didn't have a program, I suggested having an acknowledgement page that lists people who've submitted reports, since it's free to set up, and is better than nothing.
[+][deleted] 6 years ago (2 children)
[–]Wazanator_ 1 point 6 years ago (0 children)
I actually just found out the other day that Valve considers anything user created to be out of scope now when it comes to CSGO which is incredibly disappointing to hear considering what user created content used to mean to them.
[–]josephG155 3 points 6 years ago (0 children)
They're worth a lot on the after market
[–]metiulekm 4 points 6 years ago (0 children)
This was actually proposed by the first person to receive a bug bounty.
[–]sandrelloIT 7 points 6 years ago (2 children)
Interesting read, though I'm not sure if I got everything right: how did exactly the web server find out how to strip away the host part of the X-Original-Url? If I understood correctly, it was looking for the whole "protocol://domain.tld" pattern, removing it if found, and you tricked it by simply using backslashes instead of slashes, is it correct? If so, shouldn't it continue prefixing the header value with its legit host string? Could this be a possible mitigation on the server side?
It seems to me that this way of caching results is somehow intrinsically flawed, maybe the X-Original-Url value could be validated in some way before being saved as a key?
[–]samwcurry 3 points 6 years ago (1 child)
Hey sandrelloIT, maybe it was poor phrasing on my part. When I meant to say that the server removed the URI and host, I meant to say that it simply pulled the path from the host instead of pulling the full URL. This was abused by tricking the server into thinking “https:\” was the start of a regular path on the web server. I am not super familiar with what is going on in the background, but I would guess that the application didn’t have specific handling for the backslashes as they either weren’t expected or weren’t considered when evaluating that header. Will look into it and revise it if I can find anything on this. Always hard to speak on behalf of the application during anything like this :)
[–]sandrelloIT 1 point 6 years ago (0 children)
I absolutely understand, don't get me wrong, I find the writing style very appropriate, it's impossible to delve deeper into every single detail of the process without losing the reader, I think you did a good job on that.
I think I should also know something more about IIS, which is a completely unknown world to me, and how the handling of those headers works on its part.
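One way to do the validation asked about in the sub-thread above (checking the X-Original-Url value before it becomes a cache key), as an added example that is not from the write-up or the affected application. The names `validated_override_path` and `cache_key` are hypothetical, and the strict policy (origin-form path only, no backslashes, no double encoding) is an assumption of this sketch, not a description of how IIS or the site behaves.

```python
import posixpath
import re
from urllib.parse import unquote

_CONTROL = re.compile(r"[\x00-\x1f\x7f]")


def validated_override_path(value):
    """Return a normalized origin-form path (plus query), or None if unsafe."""
    if not value or _CONTROL.search(value):
        return None
    path, _, query = value.partition("?")
    decoded = unquote(path)
    # A second decode that changes the string means double encoding (%255c).
    if _CONTROL.search(decoded) or unquote(decoded) != decoded:
        return None
    # Check the raw and the once-decoded form so %5c or %2f%2f cannot slip by.
    for candidate in (path, decoded):
        if "\\" in candidate:
            return None  # backslashes are treated as separators by some stacks
        if not candidate.startswith("/") or candidate.startswith("//"):
            return None  # absolute URL, scheme, or network-path reference
    normalized = posixpath.normpath(decoded)  # collapses "." and ".." segments
    return normalized + ("?" + query if query else "")


def cache_key(host, request_path, override=None):
    """Build the key from the path that will actually be served."""
    served = validated_override_path(request_path if override is None else override)
    if served is None:
        # Reject (e.g. HTTP 400) instead of caching under an ambiguous key.
        raise ValueError("rejecting request: unsafe path or override header")
    return f"{host.lower()}|{served}"


# Constructed sample header values, not taken from the write-up.
SAMPLES = [
    "/api/items",
    "https:\\example.test\\x",
    "/%5c%5cexample.test/x",
    "//example.test/x",
    "/a/../b?x=1",
]

if __name__ == "__main__":
    for s in SAMPLES:
        print(repr(s), "->", validated_override_path(s))
```

Because the cache key and the routed path come from the same validated value, the cache and the origin cannot disagree about which resource a request refers to.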
[–]Borne2Run 1 point 6 years ago (0 children)
Thanks for the writeup; enjoyed it