Tracing Jombingo's Digital Footprint (Jun 25, 2023): Jombingo is an e-commerce application that is quite popular among housewives because it adopts a group buy concept, which allows users…
Server Side Request Forgery (SSRF) Testing (published in InfoSec Write-ups, Jun 26, 2018): Well, this story is just for fun testing SSRF, not a bounty write-up. I found a random web that is vulnerable to SSRF but in order to exploit it…
SQL injection with load file and into outfile (published in InfoSec Write-ups, Feb 5, 2018): Well, this submission made me get the patient badge on h1 coz it’s more than 6 months (1 year) hehehehehe. I got sqli vulnerability when test…
Command Injection PoC (published in InfoSec Write-ups, Jan 15, 2018): So back in December 2017 I found a command injection vulnerability in one of the job listing sites. Here is the simple proof of concept. The…
Cross-Site Scripting in Geovision GeoHttpServer (Jun 22, 2017): While doing recon in Shodan, I found that the Geovision GeoHttpServer script is vulnerable to Cross-Site Scripting (XSS). I don’t know which…
Cookie-Based Cross-Site Scripting (XSS) (Jun 6, 2017): This vulnerability counts as low to medium risk. All you need is to install the Cookies Manager+ addon in Firefox or any other addon/plugin used…