Share this page!

Enter URL or ID to Unroll

You can paste full URL like: https://x.com/threadreaderapp/status/1644127596119195649
or just the ID like: 1644127596119195649

How to get URL link on X (Twitter) App

  1. On the Twitter thread, click on or icon on the bottom
  2. Click again on or Share Via icon
  3. Click on Copy Link to Tweet
  4. Paste it above and click "Unroll Thread"!
  5. More info at Twitter Help
Mustafa Can İPEKÇİ Profile picture
Mustafa Can İPEKÇİ
@mcipekci
I'm an engineer from Turkey, who is interested with biotechnology, computer science and digital gaming. Proud father of three little devils. A.K.A nukedx
Mar 21, 2023 6 tweets 2 min read
Few months ago @osiryszzz and me discovered an interesting case of SQL injection on the @SynackRedTeam target which was black box testing.

During recon we noticed that there was an unrestricted file upload mechanism available to the any user. #bugbounty #bugbountytips /1 We noticed that the target was only processing the ZIP files but where the content unzipped wasn't clear which was preventing potential RCE or file overwrite via ZIP bombing. /2
Apr 20, 2022 8 tweets 2 min read
As of today I passed half million milestone on @SynackRedTeam with 200k of it on last 90 days. So far this month about to catch previous one too, we will see what is going to happen in next 10 days :). #bugbounty #bugbountytips ImageImage Almost all my bugs this month was SQLis again. I'll try to give another example from the unique ones.
Feb 26, 2022 6 tweets 2 min read
On recent engagements to the on program on @SynackRedTeam, I find out that target had error based SQL injection on LIMIT clause, it appears that DBMS was MariaDB 10.4.13 so it was limiting options to be used on the injection. #bugbountytips #bugbounty 1/5 Only way to exploit the vulnerability was using PROCEDURE ANALYSE on the injection point. However we were not able to use subqueries inside analyse because it's not allowed. So our options were limited to fetch stuff like database(), user() etc. 2/5