From Directory Listing to Breaking Logins
This article details a sequence of vulnerabilities chained together during a bug bounty engagement. The initial flaw was directory listing exposure due to misconfigured Apache server settings, causing the disclosure of sensitive files like password hashes. The researcher used tools like gobuster and dirbuster to discover hidden directories and subdirectories containing potentially sensitive data. Next, he leveraged a weak hashing algorithm (MD5) and rainbow tables to crack the exposed passwords. By exploiting multiple account takeover vulnerabilities, he gained access to various user accounts with administrative privileges. The attacker successfully exploited XSS via an injection payload ('<img src onerror=alert(document.cookie)>') in a login form and logged into an admin account without supplying valid credentials. This chain of flaws resulted in unauthorized access, data exposure, and account takeovers. The researcher received $10,000 for reporting the vulnerabilities. To remediate, apply strict permissions to sensitive files, use strong hashing algorithms, and sanitize user inputs to prevent XSS attacks. Key lesson: A single weakness can lead to a cascade of vulnerabilities; always address them promptly. #BugBounty #Cybersecurity #WebSecurity #DirectoryListing #PasswordHashing #XSS

https://0x0meowsec.medium.com/from-directory-listing-to-breaking-logins-02f15533eed7?source=rss------bug_bounty-5

I Spent 3 Months Failing at Bug Bounty — This Roadmap Fixed Everything
The article describes a bug bounty beginner's experience and the roadmap that helped him improve his skills. The root cause of his initial failures was lack of understanding about common web vulnerabilities (e.g., XSS, SQL Injection) and ineffective searching strategies. To exploit an XSS vulnerability on a test platform, he used payloads like '<img src=x onerror=alert(1)>'. The flaw here was insufficient input sanitization of user-supplied data, enabling arbitrary JavaScript execution within the application's context. By following a tailored learning path (e.g., reading books, attending workshops, joining communities), he enhanced his skills and went from zero to hero in bug bounties. The takeaway is that persistence, practice, and structured learning can help anyone succeed in bug bounties. #BugBounty #Cybersecurity #WebSecurity #XSS

https://medium.com/@vivekps143/i-spent-3-months-failing-at-bug-bounty-this-roadmap-fixed-everything-907218fb5f05?source=rss------bug_bounty-5

How a Routine Security Review Turned Into a Full Supply Chain Risk Discovery
This article discusses an XSS (Cross-Site Scripting) vulnerability within an enterprise application, which led to the exposure of its entire supply chain. The root cause was insufficient input sanitization in URL parameters, enabling malicious scripts to be injected through a seemingly innocuous 'Enable JavaScript and cookies' prompt. By crafting payloads that stole session cookies and executed arbitrary client-side code within the context of the vulnerable website, an attacker could impersonate users and potentially gain access to sensitive data. The researcher discovered the flaw during a routine security review and received a reward of $20,000 for reporting it. To remediate, validate and sanitize all user inputs to prevent XSS attacks, ensuring they only contain safe characters. Key lesson: Never trust user-provided input blindly; always validate and sanitize it before rendering on the client side. #BugBounty #Cybersecurity #XSS #InputSanitization #SupplyChainRisk

https://medium.com/@mothersamantha/how-a-routine-security-review-turned-into-a-full-supply-chain-risk-discovery-02cac53fe174?source=rss------bug_bounty-5

Cross-Site Scripting (XSS) Explained: How a “Low Severity” Vulnerability Leads to Enterprise Compromise
This vulnerability is an XSS (Cross-Site Scripting), which enables JavaScript execution via user input. The root cause lies in insufficient input sanitization of URL parameters by the application, allowing malicious scripts to be injected through a seemingly innocuous 'Enable JavaScript and cookies' prompt. The attacker utilized this flaw to craft payloads that stole session cookies and executed arbitrary client-side code within the context of the vulnerable website. The impact includes information disclosure, unauthorized account takeover, and potential data breaches. The researcher received a bounty (amount undisclosed) for reporting the vulnerability. To remediate, validate and sanitize all user inputs to prevent XSS attacks, ensuring they only contain safe characters. Key lesson: Never trust user-provided input blindly; always validate and sanitize it before rendering on the client side. #BugBounty #Cybersecurity #XSS #InputSanitization #WebSecurity

https://medium.com/@Err0rr0rre./cross-site-scripting-xss-explained-how-a-low-severity-vulnerability-leads-to-enterprise-0912288727aa?source=rss------bug_bounty-5

كيف اكتشفتُ ثغرات أمنية قبل اختراق الحساب عدة مرات — دليل سهل للمبتدئين
This article discusses a Cross-Site Scripting (XSS) vulnerability in a web application. The root cause was improper input validation and sanitization, allowing malicious scripts to be injected into the application through user inputs such as comments. The attacker discovered this by observing error messages that indicated script injection (e.g., 'Uncaught SyntaxError'). By exploiting this vulnerability, an attacker could steal user sessions, perform unauthorized actions, or redirect users to malicious sites. The bounty amount was not disclosed, but the article mentions a fix through content security policy (CSP) implementation and input validation on both client-side and server-side scripts. Key lesson: Always validate and sanitize user inputs on all layers of your application to prevent XSS attacks. #BugBounty #WebSecurity #XSS #InputValidation #Infosec

https://medium.com/@montaser_mohsen/%D9%83%D9%8A%D9%81-%D8%A7%D9%83%D8%AA%D8%B4%D9%81%D8%AA%D9%8A-%D8%AB%D8%BA%D8%B1%D8%A7%D8%AA-%D8%A3%D9%85%D9%86%D9%8A%D8%A9-%D9%82%D8%A8%D9%84-%D8%A7%D8%AE%D8%AA%D8%B1%D8%A7%D9%82-%D8%A7%D9%84%D8%AD%D8%B3%D8%A7%D8%A8-%D8%B9%D8%AF%D8%A9-%D9%85%D8%B1%D8%A7%D8%AA-%D8%AF%D9%84%D9%8A%D9%84-%D8%B3%D9%87%D9%84-%D9%84%D9%84%D9%85%D8%A8%D8%AA%D8%AF%D8%A6%D9%8A%D9%86-c86f68feece2?source=rss------bug_bounty-5

A lot of XSS write-ups focus on HTML injection (innerHTML, document.write, etc).

But navigation-based sinks are just as dangerous.

If user input reaches location.href, a javascript: URI can turn a redirect into code execution in the page’s context.

I put together a practical breakdown with examples and real-world patterns:

https://medium.com/@marduk.i.am/why-location-href-isnt-just-a-redirect-f7c77c0e4bcd

#xss #cybersecurity #bugbounty

Du hast sicher schon erlebt, dass eine Variable „weg“ ist, sobald eine Methode fertig ist. Gleichzeitig scheinen Objekte manchmal ewig zu leben - bis plötzlich der Speicher knapp wird. Das ist kein Zufall, sondern hängt daran, *wo* Java Dinge ablegt. Wenn du Heap, Stack und Metaspace einmal sa

https://magicmarcy.de/heap-stack-und-metaspace-warum-variablen-verschwinden-und-objekte-nicht

#Heap #Stack #Metaspace #Lebensdauer #Speicher #Xms #Xmx #Xss #Programming #Java #JVM #Coding