Active Members akkiliON Posted June 5, 2014 Active Members Report Posted June 5, 2014 Salut tuturor, A trecut o vreme de când n-am mai facut show-off. În data de 05.09.2014 (27 zile) am g?sit o vulnerabilitate în https://tw.admin.gamedb.games.yahoo.net ! Mai exact, am g?sit un SQL Injection în panoul de logare de la admin iar pân? la urm? am reusit sa fac bypass ! A?a am luat acces la site ?i puteam s? modific/uploadez ce vroiam eu. Din p?cate vulnerabilitatea care am raportat-o nu a fost eligibil? pentru o recompens?.This report is not eligible for a bounty because it is not within the scope for an award. However, the report is still considered when calculating your overall rank in the Hall of Fame.Dovad?:P.S: Se pare c? am fost ad?ugat în lista cu Top Hackers de la Yahoo. [ https://hackerone.com/yahoo ]Mul?umesc pentru timpul acordat. 3 Quote
nein Posted June 10, 2014 Report Posted June 10, 2014 te-or platit ceva? daca nu niste HOTIfelicitari ! Quote
Active Members akkiliON Posted June 10, 2014 Author Active Members Report Posted June 10, 2014 Am scris mai sus c? nu m-am încadrat.This report is not eligible for a bounty because it is not within the scope for an award. However, the report is still considered when calculating your overall rank in the Hall of Fame.b3hr0uz a fost recompensat pe 2 vulnerabilit??i grave care le-a g?sit în yahoo.net. Nu e singurul care a fost recompensat. Am dat doar un exemplu.https://hackerone.com/reports/2127 - HK.Yahoo.Net Remote Command Execution.https://hackerone.com/reports/3039 - SQL Injection ON HK.PromotionAsta e.Ce zici de asta ? https://hackerone.com/reports/4836 Quote
robertutzu Posted June 11, 2014 Report Posted June 11, 2014 (edited) https://hackerone.com/reports/4836 ce bulshit de retarzi el a urcat shell si ei The analytics team confirmed that this bug did not actually allow the output to be executed. asta dupa ce au reparat - fenomenalEdit: // lol nu vazusem si pe asta https://hackerone.com/reports/2127 )))))Yahoo! rewarded askwrite with a bounty. About 17 hours ago Edited June 11, 2014 by robertutzu Quote
askwrite Posted June 11, 2014 Report Posted June 11, 2014 @robertutzu, ce e cu mine? Adica ma refer de ce ai postat mesajul unde apare ca am luat si eu un bounty? Quote
robertutzu Posted June 11, 2014 Report Posted June 11, 2014 @robertutzu, ce e cu mine? Adica ma refer de ce ai postat mesajul unde apare ca am luat si eu un bounty? https://hackerone.com/feed - acum 17 ore zice ca ai luat si tu bounty Quote
askwrite Posted June 11, 2014 Report Posted June 11, 2014 Da, stiu ca am luat.Nu inteleg ce treaba are cu threadul de aici.Scuzati de off. Quote
robertutzu Posted June 11, 2014 Report Posted June 11, 2014 lol era ca faza ca erau multi romani pe acolo printre care si tu nimic deosebit, in fine Quote
