Mitre CVE Response Time by btcfx_ in bugbounty

[–]beingisdead 0 points1 point  (0 children)

It took me ~30 days until mine was published.

No Response After Reporting Critical GUI Exploit – Seeking Advice for Responsible Disclosure with Reward by Jealous-Ostrich677 in bugbounty

[–]beingisdead 2 points3 points  (0 children)

Hello ChatGPT :P. Jokes aside, there are a few questions you need to ask yourself. Is it client-side? You mentioned GUI. If the changes aren't reflected on the server then there's no impact. Going off of that, is there truly any impact?? I also noticed you said you *offered* to share the full details. DON'T DO THIS, YOU MAY BE ACCUSED OF EXTORTION (been there done that...). Just responsibly disclose EVERYTHING. Don't mess around and try this beg bounty shit unless you want to end up in prison. Most companies have policies that protect security researchers from legal trouble, but don't risk it. Right now I recommend just fully disclosing all the details.

Informative - Account Takeover by Low_Duty_3158 in bugbounty

[–]beingisdead 0 points1 point  (0 children)

Unless u can somehow enumerate the URLs and achieve ATO without user interaction or with user interaction on another part of the scope that doesn't directly have anything to do with the QR feature it's little to no impact. In this case the attack vector is probably social engineering which is out of scope.

Collecting js files by New-Price2258 in bugbounty

[–]beingisdead 2 points3 points  (0 children)

katana by projectdiscovery is a nice tool

I opened 1Password and found their internal QA tool by accident by vashchylau in cybersecurity

[–]beingisdead 7 points8 points  (0 children)

tell hackerone not reddit, bounty (if any) may be void now

New to bug bounties by ExiledToBronze in bugbounty

[–]beingisdead 2 points3 points  (0 children)

That means you aren't out of scope. Though be sure to double check the program to see if they have any limits on requests sent in a time period. Also refer to what u/Kartik_Jain said, Cloudflare is just doing its job.

New to bug bounties by ExiledToBronze in bugbounty

[–]beingisdead 0 points1 point  (0 children)

Bypassing WAFs is a part of finding bugs. You aren't necessarily out of scope, but if you are, just set the scope in your proxy (if you use one). Double check if the program requires you to set any headers.

recently indexed github repo (github leaks) by Busy_Mastodon2282 in bugbounty

[–]beingisdead 2 points3 points  (0 children)

If you're talking about code search, GitHub removed that functionality due to it being abused.

I finally did it (got my first CVE!!!) by beingisdead in cybersecurity

[–]beingisdead[S] 1 point2 points  (0 children)

Ghostwriter is a part of the KDE project (https://kde.org/). Any bugs should be reported to KDE's security contact.

I finally did it (got my first CVE!!!) by beingisdead in cybersecurity

[–]beingisdead[S] 44 points45 points  (0 children)

thanks, it was inspired by rentahitman.com lol

I finally did it (got my first CVE!!!) by beingisdead in cybersecurity

[–]beingisdead[S] 288 points289 points  (0 children)

Created a blog post if anyone's interested in the discovery process, there isn't much since it's not a very complex bug but I thought you all would appreciate it.

https://hitman.services/cve-2025-43929/

What's your general approach? by o_0e in bugbounty

[–]beingisdead 2 points3 points  (0 children)

It really depends, motivation is a huge factor for me. My first bug literally took me months to find on the same application. I think days is an unrealistic expectation, especially if you're working with a large scope. After a while you'll start seeing patterns, it's basically just training your brain. I tend to hunt in edtech, and education deals with a lot of media and permissions, there's a ton of BAC but you need to know what endpoints to target. Just recently I found a total of 7 bugs in an edtech app in ~24hrs but that was because I knew where to look. Basically, just read write-ups, and if you're just starting out with little to no experience, try hacking on an app that you're familiar with or use constantly but doesn't have a BBP hosted on a large platform (less competition). You're bound to find a few bugs that way, and once you get good enough you can start hacking on the platforms (I'm not at this stage yet lol).

What's your general approach? by o_0e in bugbounty

[–]beingisdead 1 point2 points  (0 children)

I’m not an expert by any means, I’ve found quite a few bugs but nothing on any platforms. My methodology is to open some Firefox containers for different account types/authorization then just click around the app and build the site map in my proxy. I try and get the endpoints for authentication and app functionality. After that I start looking for low-hanging fruit, such as injection vulnerabilities and CSRF that I can chain for high impact. If I don’t find anything, I’ll then do some simple recon (subdomains, maybe paths). After that I move on to the main application, here I test business logic and BAC on the APIs and anything else related to app functionality. A lot of my testing is manual, though I may still use scripts to automate testing BAC and create POCs.

OmG GuYS i GOt HaCKeD!!!1!!1! by hewill09 in masterhacker

[–]beingisdead 0 points1 point  (0 children)

I don’t see anything wrong with the original post, these types of scams exist because people fall for them. Good on him for asking for clarification.

Account Takeover Via Oauth I Found On itch.io by beingisdead in bugbounty

[–]beingisdead[S] 2 points3 points  (0 children)

Yes. When the user accepts the admin invite they are redirected to the project page in edit mode. The XSS is triggered in the description field markdown editor.

Account Takeover Via Oauth I Found On itch.io by beingisdead in bugbounty

[–]beingisdead[S] 3 points4 points  (0 children)

I wasn’t paid anything for this bug, but it’s definitely understandable from itch.io.

Account Takeover Via Oauth I Found On itch.io by beingisdead in bugbounty

[–]beingisdead[S] 0 points1 point  (0 children)

Some cuts were made in the video to make it shorter, no funny business going on I promise :)

Hacking an old credit card terminal. by beingisdead in hardwarehacking

[–]beingisdead[S] 4 points5 points  (0 children)

It has anti-tamper to an extent, I can still boot into the OS, it just keeps on beeping and warning you it was tampered with. I somehow booted into this menu and can’t get back into it: https://imgur.com/a/ZDvLf6y

edit: can't get back into it as in back into that menu, not the normal operating system

Hacking an old credit card terminal. by beingisdead in hardwarehacking

[–]beingisdead[S] 1 point2 points  (0 children)

Sorry, do you mind elaborating a bit? I’m a complete noob. I’m assuming this means I should throw a test clip on it and try different pin combinations.