PwrSpl0it

today I crossed 23 years, one year ago I got arrested for illegal hacking and I was about going to jail but thanks god and I thank everyone from the bug bounty hunting community for changing my life from the worst to the better especially @NahamSec @Jhaddix @Bugcrowd @Hacker0x01

@h4x0r_dz Isn't private?

50,000$ for a waf bypass woww Unfortunately, I'm banned on HackerOne, I can't participate in the party

@karan_srma try for sensitive cases DELETE endpoints / PATCH etc ...

Bug hunters, how do you usually test for IDOR? I know the basics (checking params, object IDs, user IDs etc.), but curious what patterns or workflows you use in real hunts. #BugBounty #WebSecurity #InfoSec

@skulldentist @chanukaisdumb @Bug_X_hunter bro it's not guessing here for UUID you can retrieve from different ways such as (archive-dorks-github) and for uber program they do accept idor on UUID

@newbiepath @chanukaisdumb @Bug_X_hunter See you said it yourself uuid Its impossible to guess uuids bro

My Progress : Almost 2 month of hunting 10 informative bugs, let's keep grinding

@skulldentist @chanukaisdumb @Bug_X_hunter no i was able to see anyone data. that was the vulnerable endpoint: ubereats.com/orders?mod=con… so basically any new order happened in right momment with the right uuid you will be able to see the data of otehr customers ( driver - geolocation)

@newbiepath @chanukaisdumb @Bug_X_hunter Aaah so basically you reported data that you should have access to

@Bug_X_hunter But it still impact for any new orders

@newbiepath Why idor got informative?

@Bug_X_hunter And the problem happened i did not realize there is time bounding and the triager while doing the assessment the information already deleted

@chanukaisdumb @Bug_X_hunter @skulldentist No they did not , and it's not full positive , the problem as i said about time bounding, after u order the 48 hours i can see driver info and the geolocation info after 48 hours those information automatically deleted by system

@newbiepath @Bug_X_hunter @skulldentist Wdym after 48 hours they disappear? Did they fix it?

@0trusts Im using cvss score

@newbiepath Why you put severity as none

let's see if we will got another informative bug or triaged

@calvin_minyate Thank you @calvin_minyate

@newbiepath keep going 🔥

@Gomawyy That's funny

Another dublicate

@Bug_X_hunter @skulldentist So when i report the bug the information were exposed but after 48 hours they disappear

@newbiepath @skulldentist Would you please explain it lil more?

@skulldentist @Bug_X_hunter not really that was the reason

@Bug_X_hunter @newbiepath Most probably impossible to guess the id

@stilla1ex unicode is much more effective but i think most of host providers patch it since you can register any domain with other keyboards schemes and it will exactly match the keywords

Hackers can create urls that look almost identical to legitimate ones. Can you spot the legitimate url? What type of attack is this.

@elonmusk Even @elonmusk forgot to put his phone on charge

There you have it

@fattselimi Play chess

What do you all do when you don't feel like Hacking? #BugBounty

@Cubed_h1 @Michael1026H1 That's mean they had a strong security engineer and that's a compliment to him hahahaha instead of offending hahaha

@newbiepath @Michael1026H1 Lmao you were sharing that like it’s feedback he needed. “There aren’t enough bugs at the company you’re working at :(“

Today marks my last day as a security engineer at Headspace as I move on to full time bug bounty.

@Michael1026H1 No don't feel offended im just shared my experienced i know my fault for not digging more

@newbiepath And? Should we have introduced more vulnerabilities for you to find?