I participated in the H@cktivityCon 2021 CTF alongside some talented hackers - we placed 57th out of over 2,000 participating teams. My contributions weren't that big - but I did learn
Given that this vulnerability is still in triage, I will give a vague overview of the bug chain. Whilst working on my automation, I was investigating various interesting subdomains that it had found.
When I started the challenge, I was greeted with this: Hovering over the links, I noticed that the links contained a recipe parameter. So, I opened the link in a new tab. Clearly
I consider myself, in my infinite laziness, to be primarily an information disclosure-oriented hunter. This is, of course, subject to change, but due to work commitments and whatnot, this is what I am
Trello is a nice website owned by Atlassian. It lets you create "boards" which contain "cards". Tasks can be moved between cards. It's a great system for keeping track of things. You can