ismail

96 posts

@_ismailu

Bug bounty Hunter https://t.co/Z3jM436GFO butterfly

Nigeria, Joined July 2022
776 Following, 309 Followers
Pinned Tweet
ismail@_ismailu·
How I hacked a famous transportation company and accessed every driver's PII. The Bug: IDOR/Improper Access Control. The injection point is in the header after using a 'CURL' request. 🧵 Thread #bugbountytip #bugbountytips #hackerone #infosec #bugcrowd
ismail@_ismailu

Alhamdulillah, I just got one of the unique high IDOR ever found resolved. In one of the famous multinational transportation companies. The bug let me access thousands of drivers' PII (address, transactions, account balance, etc.) #BugBounty #bugbountytips

ismail@_ismailu·
@Atomsmade I just created a wordlist containing possible userid
Ola 🧑🏿‍💻@Atomsmade·
@_ismailu What was the payload used for brute forcing the authdriveid? Was it a self-made word list?
ismail@_ismailu·
Alhamdulillah, I just got one of the unique high IDOR ever found resolved. In one of the famous multinational transportation companies. The bug let me access thousands of drivers' PII (address, transactions, account balance, etc.) #BugBounty #bugbountytips
Muhammad Ahmed@ahmed_ah206·
@_ismailu Assalam u alaikum brother, can you tell how you find it, JazakAllah khairan ♥️
ismail@_ismailu·
4. And after fuzzing 20 different "authdriverid" BOOM 😯 I got access to different users' PII. I realized some users are inactive, that is why I got blank information.
ismail@_ismailu·
3. I was like, what's the use of "authdriverid" in the request and what if I change it. I changed the "authdriverid" but it returned with blank information. I thought it was not vulnerable, but I said let me brute force the "authdriverid".
_@CyberScanDev·
@_ismailu Nice find🥳
ismail@_ismailu·
Alhamdulillah, I earned my first four-digit bounty. Bug: dependency confusion leading to RCE #bugbounty
ismail@_ismailu·
Alhamdulillah, JavaScript reading is always worthy. I hope it will triage #BugBounty
ismail@_ismailu·
@Arourmohamed01 Here's medium article medium.com/@alex.birsan/dependency-confusion-4a5d60fec610