HackerTrans
TopNewTrendsCommentsPastAskShowJobs

llui85

no profile record

Submissions

Hacking Google with A.I. For $500k

brutecat.com
16 points·by llui85·เดือนที่แล้ว·0 comments

Unauthenticated Object Write Vulnerability in MinIO

github.com
2 points·by llui85·3 เดือนที่ผ่านมา·1 comments

Hacking Google Support: Leaking call logs and deanonymising agents

michaeldalton.au
15 points·by llui85·3 เดือนที่ผ่านมา·2 comments

Hacking Google Support: Leaking millions of customer records ($14k bounty)

michaeldalton.au
2 points·by llui85·3 เดือนที่ผ่านมา·0 comments

comments

llui85
·3 เดือนที่ผ่านมา·discuss
MinIO (a widely-used "high-performance, S3 compatible object store" published this advisory, which allows for unauthenticated overwrites of any file.

Their open-source AGPL repository is no longer maintained and no patch has been provided - you must download the closed-source binaries to get the fix.
llui85
·3 เดือนที่ผ่านมา·discuss
This is the write up from my first Google vulnerability which exposed a whole bunch of call logs. It was a fun thing to discover and a nice reminder that even Google isn't infallible to these sorts of breaches.
llui85
·ปีที่แล้ว·discuss
I've always used the <plaintext> tag - an unclosable element that converts the rest of the document into raw HTML. It's very obvious.

https://developer.mozilla.org/en-US/docs/Web/HTML/Reference/...
llui85
·ปีที่แล้ว·discuss
(2022)