Pest Control Technician. Muting "how to get into bug bounties" since 1990. One of many Tryptamine’s children.
Dec 1, 2021 • 5 tweets • 2 min read
Last 4 sqlis were found and submitted once I finally had my computer connected to the internet and managed to sit down after the flooding mess. First 3 issues submitted last day of Airbnb with the cleaning lady yelling at me.
No calamity stops Osirys. Thanks @SynackRedTeam
I guess I should now go buy a decent computer, my metabox with nvidia on Linux can’t cope with my 5k res monitor.
Nov 24, 2021 • 5 tweets • 2 min read
1/ Thread about file upload exploitation
You have a file upload resource where you managed to upload arbitrary files, however you failed to find where they got uploaded, and you think "there go my chances of #RCE". Hold your breath, you might still get it:
2/ At this point you don’t know - if ever - where the file might potentially get executed, could be on a different server than the original web app with different tech.
Approach: 1. Make sure you have a sniffer always running on a VPS of yours ->
Jun 22, 2021 • 17 tweets • 4 min read
1/ almost completely blew my entire account. in a few months i must have reached .45 BTC 4 times, and perhaps went back to .2 at least 8. now rekt with .03 BTC. never felt better - finally freed from this obsession of “getting rich quick”. the truth i learned about myself is /
/2 that i am not a particularly lucky person. to get anywhere or accomplish something - i have to work hard and things never just came to me on a silver platter - but had to sweat and earn them. /