Armaan PathanBreaking the Barrier: Remote Code Execution via SSTI in FreeMarker Template EngineIn 2023, I discovered a significant vulnerability in an application that was using outdated version of the FreeMarker template engine. The…6 min read·Jul 6, 2023----
Armaan PathanExploiting DOM Based XSS via Misconfigured postMessage() FunctionToday, we will be discussing how to exploit DOM-based XSS through Misconfigured Postmessage function. Two sites can communicate with each…4 min read·Mar 31, 2022----
Armaan PathanPDFReacter SSRF to ROOT Level Local File Read which led to RCEWhat is PDFReacter? - PDFReacter is a parser which parses HTML content from HTML to PDF.2 min read·Apr 18, 2019--3--3
Armaan PathanScary Bug in Burp Suite Upstream Proxy Allows Hackers to Hack HackersOne day I was playing with a tool debookee (Network Traffic Interception) in the office, I noticed that the tool was intercepting facebook…3 min read·Apr 6, 2019--4--4
Armaan PathanBrute Forcing User IDS via CSRF To Delete all Users with CSRF attack.While testing an application, there was a module “Delete User” in which an admin can delete any user.2 min read·Mar 12, 2019--1--1
Armaan PathanAbusing ACL Permissions to Overwrite other User’s Uploaded Files/Videos on s3 BucketHi all, Today I am writing a blog about on a recent finding on HackerOne’s one of the program. I was looking for IDORs in an application…4 min read·Dec 30, 2018----
Armaan PathanChain The Bugs to Pwn an Organisation ( LFI + Unrestricted File Upload = Remote Code Execution )Hi everyone, After completing my OSCP certification I thought to give a try to bug bounty, as OSCP has sharpened my exploitationSkills.2 min read·Sep 18, 2018--3--3
Armaan PathanHow i hacked my Internet Service Provider and automated the attack. ( Hacked to Learn)I’ll be using victim.com as a site name in the article as i cannot disclose the name.It was a normal day and i was looking for some good…3 min read·Feb 17, 2018--4--4
Armaan PathaninInfoSec Write-upsChaining Self XSS with UI Redressing is Leading to Session Hijacking (PWN users like a boss)while i was testing the web application i have found self xss. which has no impact. but i wanted to exploit this vulnerability, so have…2 min read·Sep 18, 2017--1--1
Armaan PathaninInfoSec Write-upsStealing User Details By Exploiting CORSlets start with Cross Origin Resource Sharing. Below is the figure that how CORS works.2 min read·Sep 17, 2017--6--6