This is the walkthrough for the uncaptured challenges from c0c0n XI CTF organized by RedTeamVillage.
There wont be much screenshots because I forgot to take it please apologize
In this challenge all we need was to post a photo of our team and tweet in and send the link to the admins via Telegram Just to ease up everyone
c0c0n is an annual international cybersecurity, data privacy and hacking conference organised by the International public-private partnership led by the Society for the Policing of Cyberspace (POLCYB) in association with Information Security Research Association (ISRA), Group of Technology Companies ( GTec) and Kerala State IT Mission.
The registration was quiet easy as the organizers noted down our names and contact details and gave us the rules and a hash that was needed to verify the registration in the CTF platform and a really cool Badge
Few week ago I was talking to a friend of mine when he gave me a subdomain that had an admin panel and asked me weather I could find a way to get inside, Why not give it a try.
So its been some time since I've done some Bug Bounty as I was busy working .
I wont be revealing the Program due to Privacy Issues …
I started my initial recon by doing some subdomain enumeration using KNOCKPY SUBLISTER etc..
And i got a subdomain named test.REDACTED.com there was nothing much to look for it returned a simple static HTML page , Then I did a Directory Scan using Dirsearch
So Hey everyone I am back with another write-up this time its Oracle
This is a really short write-up and there wont be much info
So few weeks back I was sitting at home watching TV and looking at my linked in when the Postman came with my Udacity Swag and I saw a post by someone who found a XSS in Oracle so I thought lets find some..
So I didn't have my laptop ( because i was so lazy to go upstairs) but I had termux in my mobile so I ran sublister against oracle.com and landed on…
This was a bug that I found back in 2017. This started when a friend of mine (a.k.a 1337) showed me a T-Shirt that he got from Sony . So I thought why can’t I get one so I started doing Recon on the target Sony had a wide range of domains and Sub-domains. I spend 2 days looking for a bug on Sony's main domain and I got nothing
So went for the next thing Acquisitions Same result. So I thought I should do something else so started Dorking
Security NOOB :)