Monday, July 10, 2017

Day 3

Date : 10.07.17

Day 3 = same.day2();

Another wasted day.. 😑😑😑

Should work harder..

Day 2

Date : 09.07.17

A completely wasted day 😑

Friday, July 7, 2017

Day 1

I have planned to accomplish certain things.

Goals :

HOF : 24
Tshirt : 5
Reward : 60000 rupees

Started on "08.07.2017"


DEADLINE - "31.07.2017"


In 2017

The last post was from 2014 and I made just a little progress in the field of bug bounty where others try to achieve milestones.

The following are the HOFs I have got in total:

1. BarracudaLabs

https://barracudalabs.com/research-resources/bug-bounty-program/bug-bounty-hall-of-fame-2/

2. Telekom.de

https://www.telekom.com/en/corporate-responsibility/data-protection-data-securit/security/security/acknowledgements-358300

3. SchubergPhilis (T-Shirt)

https://www.schubergphilis.com/2014/12/15/responsible-disclosure-hall-of-fame

4.Google

https://bughunter.withgoogle.com/profile/66ac605b-ba27-48ef-9a33-6e0995e94e7b

5. ManageWP (Bounty)

https://managewp.com/white-hat-reward

6. Clojars

https://clojars.org/security

7. ShareLatex

https://www.sharelatex.com/security

8. BitCasa

https://support.bitcasa.com/hc/en-us/articles/202210658-How-To-Responsibly-Report-Security-Concerns

9. SplashID

https://splashid.com/security.php

10. Zendesk

https://hackerone.com/zendesk/thanks/prior

11. Sony

https://secure.sony.net/hallofthanks

12. Cayan (Bounty)

https://cayan.com/developers/resources/cayan-bug-bounty-program

13. InterGamma.nl (Bounty)

https://www.gamma.nl/klantenservice/veiligheid-privacy/responsible-disclosure

14. Apple

https://support.apple.com/en-in/HT207628

15. LavaSoft (Certificate)

http://www.lavasoft.com

16. StopTheHacker

https://hackerone.com/stopthehacker/thanks

17. Hubdia

https://hackerone.com/hubdia/thanks

18. Paypal

https://www.paypal.com/us/webapps/mpp/security-tools/wall-of-fame-honorable-mention

19. Crowdin

https://crowdin.com/page/hall-of-fame

20. EFF

https://www.eff.org/security/hall-of-fame

21. Appcelerator

http://www.appcelerator.com/privacy/responsible-disclosure-of-security-vulnerabilities/

22. ActiveCampaign

http://www.activecampaign.com/security/bounty

23. CCM Benchmark

https://bountyfactory.io/ccm-benchmark-group/ccm-net-ccm-benchmark-group#HoF

24. Paymill

https://developers.paymill.com/guides/security/security-standards

25. ING Bank

https://www.ing.com/ING.com-Security.htm

26. Adobe

https://hackerone.com/adobe/thanks

Must improve a lot .......

Saturday, January 11, 2014

My first bug which I reported was rejected....

In Facebook's recovery section, I found that one of the input boxes was not sanitized to accept only the required values.

Vulnerable URL :

https://m.facebook.com/login/identify?ctx=recover&mode=friendname&email=<any value>

In the "email" parameter, one can insert any values, namely text, numbers, characters.....

Proof Of Concept :

https://m.facebook.com/login/identify?ctx=recover&mode=friendname&email=Security%20test%20by%20Hari%20:)