Showing posts from August, 2024

Tales of Failed Bug Bounty reports for Facebook

The number of users going into the year-wise White hat thanks list has significantly reduced, if you check. You can find me four times in that list. There has been a check: if it's an unlikely / rare scenario, they just close the report and only say thanks for spending time.

Image generated using Microsoft's Copilot

Bug 1: Auth Bypass: This is my first Auth Bypass, and I was very excited to report it, aiming for $20,000 as a reward. A very interesting bug, as Auth Bypass always ranks at the top in the OWASP. I captured a vulnerable HTTP Request from https://business.facebook.com. It can be replayed any number of times for at most 2 hours after the Victim has changed his password. The report is closed because of the time-out of the session. The attack has gone in vain.

Bug 2: Disclosing if a user had been a member of a Facebook group in the past or has an active invitation. For this exploitation, the Attacker requires User ID and ...

$1337 YouTube Community (Posts) bug

YouTube Community is a feature that is only available for Channels with 1. Verified Phone numbers 2. A significant history, more content for years. In early June I started hunting for security flaws on YouTube. I was roaming around the features, but most of the places have been found secure, or potential features already had the bug fixes in place.

The Community Tab is now Posts

So, I thought to exploit the YouTube Community feature. I was trying to delete the Posts using IDOR attacks, but it didn't work. I was tired of trying various attacks but thought to compromise to the least, "Privilege escalation".

The Security flaw... A user (victim) created a YT Community post. Later, an attacker, while being an Admin of the same Channel, has saved the HTTP Request that deletes a Community Post / Poll; then the attacker can replay that HTTP Request after he's demoted from Admin to Subtitle Editor, and that would delete the Post / Poll. I exploited this flaw. I tried after 15 ...