Paying houses one dup at a time

Joined February 2021
9 May 2022
follow the 🧵
Got a file upload restricted to `.json` files ANYWHERE on the system? Try to overwrite a dependency manager file, like package.json or composer.json. Most times they have a "scripts" property that runs a command before every action, like an update. #bugbounty #bugbountytips
duphouse retweeted
Yay, @MozillaSecurity released the CVE-2022-29912 for a bug that I reported in the last @duph0use mozilla.org/en-US/security/a…
15 Feb 2022
pew pew pew
22 Nov 2021
duphouse retweeted
Just published my new tool called h2rs which detects potential request smuggling via HTTP/2 downgrades. Feedback and PRs are welcome! If you want to try it, install with the pip3 command below: `pip3 install h2rs` Source code: github.com/riramar/h2rs
duphouse retweeted
My research about IDO & IGO platforms is having very interesting results :) Tested Platforms (until now): 15. Vulnerable Platforms: 8. Some of the vulnerabilities allow attackers to change the smart contract of the token, info leak and so on!!!
duphouse retweeted
28 Sep 2021
Messing Nuclei up: Dropping 2 malicious templates and a false positive server lude.rs/h4ck1ng/messing_nucl…

duphouse retweeted
Security researchers @k33r0k and @lbherrera_ have detailed a mutation XSS in Kitsune, an open source platform that runs support.mozilla.org gccybermonks.com/posts/mxss/

duphouse retweeted
A contrived solution for the "Basic context length limit, arbitrary code" impossible lab working on Firefox: lbherrera.github.io/lab/impo… @PortSwiggerRes
duphouse retweeted
19 Sep 2021
Nuclei < v2.5.2 was vulnerable to RCE. I found that you could achieve RCE by using a malicious .yaml template and exploiting nuclei's headless browser feature, which runs with sandbox disabled. Thanks @pdnuclei for the quick update and fix. PoC: gist.github.com/c3l3si4n/88f…
duphouse retweeted
30 May 2021
My Solution to HackUs in Pwn2Win CTF 0-day XSS in CodiMD github.com/RenwaX23/X/blob/m…

duphouse retweeted
This year, for Pwn2Win 2021 CTF, I relaunched MessageKeeper. The main idea was to exploit Chrome's AppCache fallback section (and the fact that it matches URLs by prefix) - I think it was the hardest challenge I created to date! A solution can be found on gist.github.com/lbherrera/f5…
duphouse retweeted
I've just found another "git clone" vulnerability that allows me to execute arbitrary code on the victim's machine! Writeup soon :)
Yay, I was awarded a $1,000 bounty on @Hacker0x01! hackerone.com/rapt00r #TogetherWeHitHarder Got a CVE too :) CVE-2020-26233 More details: github.com/microsoft/Git-Cre…
duphouse retweeted
Finally found my first XSS on mozilla.org! 😀
duphouse retweeted
Finally found an XSS on a google.com subdomain! 😁
