| Post Account Takeover? Account Takeover of Internal Tesla Accounts |
|
|
|
| Bypass firewalls with of-CORs and typo-squatting |
|
|
|
| Worldwide Server-side Cache Poisoning on All Akamai Edge Nodes ($50K+ Bounty Earned) |
|
|
|
| Tesla paid me $10,000 because of Directory Indexing |
|
|
|
| How I got access to 25+ Tesla’s around the world. By accident. And curiosity. |
|
|
|
| ELECTRIC CHROME - CVE-2020-6418 on Tesla Model 3 |
|
|
|
| How I got my first big bounty payout with Tesla |
|
|
|
| Hunting Tesla Model Y Secrets in the Parts Catalog |
|
|
|
| Exploiting Wi-Fi Stack on Tesla Model S |
|
|
|
| Responsible denial of service with web cache poisoning |
|
|
|
| Cracking my windshield and earning $10,000 on the Tesla Bug Bounty Program |
|
|
|
| How we invented the Tesla DOM DOOM XSS |
|
|
|
| Tesla Motors blind SQL injection |
|
|
|
writeups.xyz
/
Tesla