Blogger | Security Researcher | Digital forensic analyst | Twitter — @mrunal110

The program does not release, or incorrectly releases, a resource before it is made available for re-use. The function fails to release a lock it acquires, which might lead to deadlock.


1. Android SQLite Database

An Android activity fails to release the Android database handler in its onPause(), onStop(), or onDestroy() event handlers.

The Android activity maintains an Android SQLite database handler that is not closed in onPause(), onStop(), or onDestroy() callback. The Android OS invokes these callbacks whenever it needs to send the current activity to the…



Hello guys

I hope you liked the CTF and the virtual hacking conference.

I come directly to the point: “straight talk, no nonsense”


A buffer overflow, or buffer overrun, occurs when more data is put into a fixed-length buffer than the buffer can handle.

Buffer overflow is probably the best known form of software security vulnerability. Most software developers know what a buffer overflow vulnerability is, but buffer overflow attacks against both legacy and newly-developed applications are still quite common. Part of the problem is due to the wide variety of ways buffer overflows can occur, and part is due to the error-prone techniques often used to prevent them.

In a classic buffer overflow exploit, the attacker sends data to a program, which…


When security and privacy demand clash, privacy should usually be given a higher priority. To accomplish this and still maintain required security information, cleanse any private information before it exits the program.

To enforce good privacy management, develop and strictly adhere to internal privacy guidelines. The guidelines should specifically describe how an application should handle private data. If your organization is regulated by federal or state law, ensure that your privacy guidelines are sufficiently strenuous to meet the legal requirements. Even if your organization is not regulated, you must protect private information or risk losing customer confidence.

There are several…


Explanation

Redirects allow web applications to direct users to different pages within the same application or to external sites. Applications utilize redirects to aid in site navigation and, in some cases, to track how users exit the site. Open redirect vulnerabilities occur when a web application redirects clients to any arbitrary URL that can be controlled by an attacker.

An Open Redirection is when a web application or server uses an unvalidated user-submitted link to redirect the user to a given website or page. Even though it seems like a harmless action to let a user decide to which page he…


Open-source intelligence (OSINT) is data collected from publicly available sources to be used in an intelligence context. In the intelligence community, the term “open” refers to overt, publicly available sources (as opposed to covert or clandestine sources).

Creepy

Most of us are addicted to social networks, and image sharing is one of the most utilized features of these platforms. But sometimes when we share these pictures it’s not just the image that we are sharing, but possibly also the exact location where that picture was taken. Creepy is a Python application which can extract this information and display the…


Pro Tips For Bug Bounty


1) Clear your mindset about bug bounty (learning > money)

2) Always approach the target as if it’s a fresh one

3) Always look at the path less visited. Hunt on subdomains rather than the main domain

4) Don’t rely only on online courses and videos. Reading books and blogs gives much better insight

5) Don’t ask people to share their PoC videos. If they wanted to flaunt it, they would have shared it before

6) Follow everyone from infosec (Twitter). Get hands-on with people’s latest blogs as soon as they are available

7) Don’t feel you’re starting late. It’s …


An iFrame injection is a very common cross-site scripting (or XSS) attack. It consists of one or more iFrame tags that have been inserted into a page or post’s content and typically downloads an executable program or conducts other actions that compromise the site visitors’ computers. In the best case, Google may label the site “malicious.” The worst case is that the site owner and visitors end up with malware-infected computers.

Frame injection occurs when a frame on a vulnerable web page displays another web page via a user-controllable input.

GET /search.jsp?query=%3Ciframe%20src=%22https://google.com/?%22%3E%3C/iframe%3E HTTP/1.1
Host: ****.net



During the assessment, I found a debug URL on xyz.com that was disclosing the error logs.

Sorry, I can’t disclose the website name …

Let’s start…

When I started to recon and tried to find bugs on this program.

I tried many things like XSS, IDOR, and etc. … (nothing spotted)

When I tried to find XSS, most of the time I got an error (xyz.com/errors).

After one day I tried some different payloads and many things, but nothing worked.

Anything I tried (random XSS payloads) always redirected to one page (xyz.com/errors).

Then after a few hours I tried this:

GET /errors/errors.log HTTP/1.1


Explanation

Modern web browsers support a secure flag for each cookie. If the flag is set, the browser will only send the cookie over HTTPS. Sending cookies over an unencrypted channel can expose them to network sniffing attacks, so the secure flag helps keep a cookie's value confidential. This is especially important if the cookie contains private data or carries a session identifier.


In this case, a cookie is created but setSecure() is not called or is called with the value false.

Example: In the example below, a cookie is added to the response without setting the Secure property.
