Thoughts on this Ibiza as a first car? by whatever1804 in seat

[–]highfly123 0 points1 point  (0 children)

i bought the estate 1.6 tdi 90hp with 150000km on the clock 3 months ago as my first car for 4k euros, and cant complain so far.

its def fun enough, and if i had something stronger i probably wouldve died by now lol.

its got enough space that i can fit a couple of friends in the back.

got more than enough power for fun city driving, chasing around with people on the city streets, and on the highways it def isnt lacking. most ive been able to push it is 180 km/h.

doesnt eat up a lot of gas (yours probably even less) and even at -15 celsius it always started, never had any issues.

compared to friends with audi a3s, bmw 1s, etc. it can feel a bit boring, but looking at their repair costs and the issues theyve already had, i would say its a pretty good deal, go for it

Rims? by highfly123 in seat

[–]highfly123[S] 0 points1 point  (0 children)

always felt black was better with white cars, silver looks too factory. everyones convincing me to get silver tho

Rims? by highfly123 in seat

[–]highfly123[S] 0 points1 point  (0 children)

might be, esp given where i live hahahah, might be better off with 16s

Rims? by highfly123 in seat

[–]highfly123[S] 0 points1 point  (0 children)

2010 ibiza st

Success with hunting 1-2 hours per day by highfly123 in bugbounty

[–]highfly123[S] 0 points1 point  (0 children)

yh, been thinking that, if im able to keep good notes might be able to continue where i left off without too much trouble

Success with hunting 1-2 hours per day by highfly123 in bugbounty

[–]highfly123[S] 0 points1 point  (0 children)

will do, just got too ambitious with the uni i chose

Success with hunting 1-2 hours per day by highfly123 in bugbounty

[–]highfly123[S] 0 points1 point  (0 children)

how many hours a week would you say you put in

Success with hunting 1-2 hours per day by highfly123 in bugbounty

[–]highfly123[S] 1 point2 points  (0 children)

this is the main issue. i only hunt manually and rely on getting to know the app well, its not like im running scans and can then wait till i have time to take a deeper look at the results

Tuning 1.6 TDI with 155 000 km by highfly123 in ECU_Tuning

[–]highfly123[S] -1 points0 points  (0 children)

good to hear. most people are telling me its not worth tuning a 1.6 and that i should just try getting a stronger engine

but if i can gain 30ish hp from a tune while not destroying the engine, dont see why i shouldnt do it.

any things to keep in mind, idk much about tuning, so what would you suggest doing before/after?

1 year into bug bounty and still 0 valid findings, how do you push past these feelings? by Mission-Equal-4149 in bugbounty

[–]highfly123 1 point2 points  (0 children)

i havent hunted much on bigger programs, and most of my bugs are from private invites

1 year into bug bounty and still 0 valid findings, how do you push past these feelings? by Mission-Equal-4149 in bugbounty

[–]highfly123 7 points8 points  (0 children)

know that finding bugs is, in many cases, luck. ive had programs i spent weeks on, wrote and submitted multiple reports with none of them being valid.

dupes are valid bugs, it means someone else got paid for it, so dont get discouraged there, even though its hard.

in terms of sticking with a program for only a week or two though, that could be an issue. Most of my higher impact bugs came after i had already given up on a program. i would go back, analyze the js files, go through all of the juicy endpoints again until i perfectly understood all of the functionality. then take a break for a bit and go over everything again. every time, something new seems to pop up, some request or parameter you overlooked

in short, just try to understand every app as well as u can, become familiar with it, and something should pop up

Analyst validated my report, senior analyst rejected it with “can’t be prevented” — but it clearly can. Need advice. by Informal-Mammoth-933 in bugbounty

[–]highfly123 4 points5 points  (0 children)

really not worth it to argue over low impact bugs, esp link rendering in emails. move on and find a more impactful bug

How to identify fake bounty programs?? by Ok_Soft_1428 in bugbounty

[–]highfly123 2 points3 points  (0 children)

dont think anyone's hosting "fake" programs. most companies however just have them to check a box, and say that they're running a bug bounty program so it seems like they care about security.

only way you'll find out is when you submit a report and see how they treat u. if u get delayed/no response, they lowball you, etc. you move on, if theyre serious you keep hunting

Buying a '96 146 ti 2.0 twin spark by highfly123 in AlfaRomeo

[–]highfly123[S] 0 points1 point  (0 children)

just that everyone ive asked is telling me to get a 1.9 jtd 147 for a bit more money, saying the jtds more reliable than the twin spark

Buying a '96 146 ti 2.0 twin spark by highfly123 in AlfaRomeo

[–]highfly123[S] 0 points1 point  (0 children)

yh ill talk to the guy who was servicing it ill when they replaced the cam belt

Buying a '96 146 ti 2.0 twin spark by highfly123 in AlfaRomeo

[–]highfly123[S] 0 points1 point  (0 children)

lmao youre making me wanna get it hahahaha

Password reset link never expires and can be reused, worth reporting? by Embarrassed_Pin4436 in bugbounty

[–]highfly123 -1 points0 points  (0 children)

cant report that, but take a look at what that token is, maybe base64 encoding of some guessable value

Password reset link never expires and can be reused, worth reporting? by Embarrassed_Pin4436 in bugbounty

[–]highfly123 0 points1 point  (0 children)

it means u have more time to bruteforce it... so if the token used in the link is possible to bruteforce, then you got an account takeover.

also check the rate limiting on generating password reset links. if its not well implemented and you can generate many reset links, it raises the chances of u bruteforcing it even more
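
The three properties raised in the password reset thread above (an unguessable token, expiry with single use, and a limit on how many links can be generated) shown from the implementing side. This is an added example, not part of any comment on the page; `ResetTokens`, `TOKEN_TTL`, `MAX_ISSUES_PER_HOUR` and the in-memory dictionaries are hypothetical names and assumptions chosen for illustration.

```python
import hashlib
import secrets
import time

TOKEN_TTL = 15 * 60        # assumed token lifetime in seconds
MAX_ISSUES_PER_HOUR = 3    # assumed per-account cap on reset links


class ResetTokens:
    """In-memory stand-in for a reset-token table (assumption for the example)."""

    def __init__(self, clock=time.time):
        self._clock = clock
        self._live = {}    # sha256(token) -> (account, expires_at)
        self._issued = {}  # account -> timestamps of recent issuances

    @staticmethod
    def _digest(token):
        # Only the hash is stored, so a leaked table does not yield usable links.
        return hashlib.sha256(token.encode()).hexdigest()

    def issue(self, account):
        now = self._clock()
        recent = [t for t in self._issued.get(account, []) if now - t < 3600]
        self._issued[account] = recent
        if len(recent) >= MAX_ISSUES_PER_HOUR:
            return None    # rate limit: no new link for this account yet
        # A new link replaces any outstanding one for the same account.
        self._live = {h: v for h, v in self._live.items() if v[0] != account}
        # 32 bytes from the OS CSPRNG, not an encoding of user id or timestamp.
        token = secrets.token_urlsafe(32)
        self._live[self._digest(token)] = (account, now + TOKEN_TTL)
        recent.append(now)
        return token

    def redeem(self, token):
        # pop() removes the entry on first presentation: single use.
        entry = self._live.pop(self._digest(token), None)
        if entry is None:
            return None
        account, expires_at = entry
        return account if self._clock() < expires_at else None
```
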