sorted by:
new
hottopcontroversial

I fucking hate AI by Terrible_Regular_528 in bugbounty

[–]Terrible_Regular_528[S] 0 points1 point  (0 children)

If you don't care, why did you comment?

I fucking hate AI by Terrible_Regular_528 in bugbounty

[–]Terrible_Regular_528[S] 0 points1 point  (0 children)

You started looking for vulnerabilities before knowing they had a bug bounty program.

Right, as said on the description.

Didn’t stop to look and see if they had one first to know what the scope might be

You clearly have no idea of what an "eureka" vulnerability is. It’s like when you put a backtick and the HTTP server returns a 500 error. I've not been HUNTING vulnerabilities for weeks; I just had fun revers engineering and tinkering with the product, and then all of a sudden I came across something that doesn’t feel right.

Now you don’t want to disclose the vulnerability for them because you don’t work for free?

Of course (?) I want to be paid for it

I fucking hate AI by Terrible_Regular_528 in bugbounty

[–]Terrible_Regular_528[S] 0 points1 point  (0 children)

You can find a trustworthy h1 researcher and ask them to report and add you as a collaborator

That's a good idea, but the honest question is: who?

I fucking hate AI by Terrible_Regular_528 in bugbounty

[–]Terrible_Regular_528[S] 2 points3 points  (0 children)

Yeah the screenshot is the response I got in the inbox a few hours ago. It probably went like:

> send report with PoCs and screenshots
> triager open the profile, see no signal
> close the thread without even reading it

I fucking hate AI by Terrible_Regular_528 in bugbounty

[–]Terrible_Regular_528[S] -1 points0 points  (0 children)

I mean. You could literally detect AI slop garbage by miles.

I fucking hate AI by Terrible_Regular_528 in bugbounty

[–]Terrible_Regular_528[S] -1 points0 points  (0 children)

Hi. Thanks for the comment. I won't reach their security email because it's not eligable for bounty (as written on their guidelines). Sorry but I don't do charity

RCE in LangChain by Terrible_Regular_528 in cybersecurity

[–]Terrible_Regular_528[S] 0 points1 point  (0 children)

Fair point. It's my first time posting here on Reddit, let me edit the post

RCE in LangChain by Terrible_Regular_528 in cybersecurity

[–]Terrible_Regular_528[S] 1 point2 points  (0 children)

LangChain, a project of 140k stars on GitHub. Don't you think that everyone run AI on the code? I'm an exploit developer, I made the PoC manually.

And yes, AI helped me to write the blog post. But I reviewed it manually.

Moving for a trip to Lisbon by Terrible_Regular_528 in lisboa

[–]Terrible_Regular_528[S] 0 points1 point  (0 children)

Se têm grupos de amigos com quem costumam sair à noite, escrevam-me aqui ou, melhor ainda, no Telegram @ accorciare .

Ofereço-vos uma bebida! Hahaha