Normal view

There are new articles available, click to refresh the page.
Before yesterdayPentest/Red Team

Hacking the Dutch government

5 April 2023 at 08:05
A few months ago I found out that the dutch government is hosting a bug-bounty program that covers a lot of assets from their infrastructures. The program scope available at https://www.communicatierijk.nl/vakkennis/r/rijkswebsites/verplichte-richtlijnen/websiteregister-rijksoverheid appears to be really wide, with more than 1000 targets, that allowed to find some interesting application by running some basic passive subdomain enumeration […]

Intigriti November XSS Challenge

21 November 2021 at 23:00
The bug bounty program Intigriti hosts an XSS challenge every month. This time, the challenge was about bypassing CSP by reloading a VueJS instance, getting able to exploit a client side template injection. My solution can be summarized in 4 main steps: Finding reflection and achieving HTML Injection Accessing an abusable piece of code, containing […]

Dynamic caching: What could go wrong?

27 July 2022 at 08:47
Tl;DrThe Engintron plugin for CPanel presents a default configuration which could expose applications to account takeover and / or sensitive data exposure due to cache poisoning attacks. Whenever a client sends a request to a web server, the received response is processed and served by the back-end service each time. In case of an high […]