View RSS Feed

Recent Blogs Posts

  1. Command Injection in #Google for which I got 6000$

    Hey all ,

    Few months back I found a command injection bug in Google Cloud shell

    Since the title goes by the name "command injection" , you all might be thinking it as "normal Command injection which affects servers" but this vulnerability is quite different.
    We can put this in different way as "Client Side command injection".

    Lets get into the finding

    While I was testing "console.cloud.google.com" ...

    Updated 03-16-2016 at 02:08 PM by 41.w4r10r

    Categories
    Uncategorized
  2. A weekend with Cisco Meraki Bug Bounty, a tale of few web bugs .

    I was not much interested in bug bounties but the fact that I was interested in learning about Cloud Based products, and going through meraki made me a lot interested in there service. Meraki is a "cloud-managed network infrastructure company," whose products are designed to provide large-scale, distributed wired and wireless networks. An application to manage networks from cloud is big and cool to experiment for a hacker.

    So I decided to spent a week end of mine [ May ...