writeups.xyz

This Website is a collection of Information Security and Bug Bounty writeups that allows you to easily filter writeups by vulnerabilities, programs, authors, and more, making your research and exploration of security issues simpler and more efficient.

Important Note: Please remember that the inclusion of a program or target in this directory does not imply permission to conduct any hacking activities. Always review and adhere to the specific policies of each program before taking any action.

Title	Vulnerabilities	Programs	Authors
Jailbreak of Meta AI (Llama -3.1) revealing configuration details	AI LLM Prompt Injection LLM Jailbreak	Meta / Facebook (Llama)	Kiran Maraju
Zeroday on Github Copilot	AI LLM Prompt Injection	GitHub (Copilot)	Marlon Fabiano (@Astrounder)
ElasticSearch Smash & Grab	Elasticsearch Information Disclosure Missing Authentication	Undisclosed	Jesse Clark (@Hogarth45_)
Leaking All Users Google Drive Files	Broken Access Control	Google (Drive)	Cam (@SecretlyHidden1)
Gudifu: Guided Differential Fuzzing for HTTP Request Parsing Discrepancies	Web Cache Poisoning CPDoS HTTP Request Smuggling Access Control Bypass	ATS Nginx HAProxy	Bahruz Jabiyev (@BahruzJabiyev) Anthony Gavazzi Kaan Onarlioglu Engin Kirda
Hacking Moodle Apps Via External Functions	Broken Access Control Security Code Review	Undisclosed	Florian Walter
Path Traversal and Code Execution in CSLA.NET (CVE-2024-28698)	Path Traversal RCE Security Code Review	CSLA.NET	Sam Pizzey
Repo Jacking: The Great Source-code Swindle	Repojacking	Hashicorp (Terraform) Composer (Packagist)	Elliot Ward
Anyone can Access Deleted and Private Repository Data on GitHub	Cross Fork Object Reference (CFOR)	GitHub	Joe Leon (@JoeLeonJr)
ConfusedFunction: A Privilege Escalation Vulnerability Impacting GCP Cloud Functions	Privilege Escalation Cloud CI/CD	Google (GCP)	Liv Matan (@TerminatorLM)
Exploiting Broken Authentication Control In GraphQL	Cloud GraphQL Privilege Escalation	Undisclosed	Aleksa Zatezalo (@ZatezaloAleksa)
Recursive Amplification Attacks: Botnet-as-a-Service	DDoS	Undisclosed	Ben Kofman Ryan Grunsten
Studying 0days: How we hacked Anki, the world's most popular flashcard app	RCE Components With Known Vulnerabilities Arbitrary File Read Arbitrary File Write XSS Security Code Review	Anki	Jacob Autumn Skerritt
3 ways to get Remote Code Execution in Kafka UI	RCE Insecure Deserialization Groovy Scripting JMX	Kafka UI	Michael Stepankin (@Artsploit)
Canary Token OSS Security Audit Report (Q2 2024)	DoS Stored XSS SSRF	Thinkst (OSS Canary Tokens)	Viktor Chuchurski (@Viktorot) Francesco Lacerenza (@Lacerenza_fra)
How Almost Sacrificing a University Group Project led to a Microsoft Bug Bounty	XSS CSRF	Microsoft (GroupMe)	Alex Bryant Aditya Dindi Eric Esquivel
Injecting Java In-memory Payloads For Post-exploitation	Post-Exploitation	Undisclosed	Clément Amic (@Loadlow) Hugo Vincent (@Hugow_vincent)
NO_WILDCARD: How I discovered the Organization ID of any AWS Account	Information Disclosure Cloud	AWS	Sam Cox
I hacked a card printer software (CVE-2024-34329)	Local Privilege Escalation DLL Hijacking Windows	Entrust	P0pcycle
JNDI Injection Remote Code Execution via Path Manipulation in MemoryUserDatabaseFactory	RCE JNDI Injection Security Code Review	Undisclosed	Steven Seeley (@Steventseeley)
Exploiting GCP Cloud Build for Privilege Escalation	Privilege Escalation Cloud CI/CD	Google (GCP)	Ayush Singh (@Hac10101)
Information Disclosure that made me $2000 in under 5 minutes	Information Disclosure	Undisclosed	Sugam Dangal (@SugamDangal2)
How I Found and Bypassed a Spring Boot Actuator Information Disclosure Bug	Spring Boot Information Disclosure	Undisclosed	Fahad Faisal (@Cametome006)
Breaking Down Barriers: Exploiting Authenticated IPC Clients	IPC Client D-Bus Shared Object Injection Authentication Bypass	Undisclosed	Ajay S.K
Capturing Exposed AWS Keys During Dynamic Web Application Tests	Cloud Broken Authorization	Undisclosed	Aleksa Zatezalo (@ZatezaloAleksa)

Page 6 of 255