Authentication Bypass Using Root Array
Lots of #bugbountytips get posted on twitter, but some of them are ... weird. Let’s explore the technical details of one tweet to understand where this tip came from, why this tip was wrong, and eventually learn about the real underlaying vulnerability. This is a surprising turn of events!
advertisement:
Get my handwritten font
Checkout our courses on
The #bugbountytips tweet:
Eslam’s old post:
Eslam’s new blog:
Follow Eslam on Twitter:
Day[0] Podcast:
Chapters:
00:00 - Intro
00:41 - The bugbountytips Tweet
01:21 - The Original Blog
02:43 - Talking to Eslam about the Happy Accident
04:36 - Digging Deeper
05:39 - Researching Login Code with Codeigniter
06:54 - Example Vulnerable Login Code
08:08 - Improving the Writeup
09:18 - Surprise SQL Injection!
11:37 - Conclusion
12:31 - hextree
=[ ❤️ Support ]=
→ per Video:
→ per Month:
2nd Channel:
=[ 🐕 Social ]=
→ Twitter:
→ Streaming:
→ TikTok: @liveoverflow_
→ Instagram:
→ Blog:
→ Subreddit:
→ Facebook:
2 months ago 00:19:33 1
2 months ago 00:08:35 1
5 months ago 00:35:44 1
5 months ago 00:01:57 1
5 months ago 00:03:25 1
8 months ago 00:01:22 1
9 months ago 00:29:24 4
11 months ago 00:12:50 1
11 months ago 02:09:39 15
11 months ago 00:56:42 5
1 year ago 00:04:27 1
1 year ago 00:03:50 1
1 year ago 00:10:30 1
1 year ago 00:01:04 2
1 year ago 00:09:53 1
1 year ago 00:02:40 1
1 year ago 02:15:49 10
1 year ago 00:00:23 2
1 year ago 00:00:13 1
1 year ago 00:32:44 1
1 year ago 00:01:04 1
2 years ago 00:13:24 1
2 years ago 00:10:29 1
2 years ago 00:24:38 1
