1.3.6.1.4.1.61513Mar 18
bunnings trade site in firefox always runs through this login box thats dumped full of json for some reason. what crimes are going on
Show thread1.3.6.1.4.1.61513Mar 18

Looks like it just sets the redirectUri?

{"auth":{"operation":"trade_login","redirectUri":"https://trade.bunnings.com.au/sign-in"}}

Show thread1.3.6.1.4.1.61513Mar 18
I had to scratch that itch. this site has.... vibes
Show thread1.3.6.1.4.1.61513Mar 18
A lot of questions being asked about the "intranet" subdomain
Show thread1.3.6.1.4.1.61513Mar 18
I love that this host just like, has directory listing enabled as well
Show thread1.3.6.1.4.1.61513Mar 18
I also love that companies just have their uat shit hanging out on the internet
Show thread1.3.6.1.4.1.61513
what if we put our MCP server uri into an openid scope?
Mar 18 at 2:20amWeb
Show thread1.3.6.1.4.1.61513Mar 18

"you shouldn't be poking around at this stuff"

hey! it told me to!

Show thread1.3.6.1.4.1.61513Mar 18
this ones just... weird.
Show thread1.3.6.1.4.1.61513Mar 18

anyway, thats how you can find a bunch of interesting things to explore by just googling around for inurl:bunnings / domain:bunnings.com.au

why bunnings? not sure, got distracted.

Show threadCrystaleMar 18
@xssfox thanks, I hate it
Show threadAlesandro Ortiz 🇵🇷🏳️‍🌈Mar 18
@xssfox the emails, they are in the cloud
Show threadMorganMar 18
@xssfox if they don't fuck it all up then they'd be left to just seeing other people doing it!