| Writeups: Facebook Whitehat program(2021): Instagram Live setting bug |
|
|
|
| How to prevent more than 200 million users from using Google services |
|
|
|
| Simple logical Bug turned into a bounty |
|
|
|
| Workplace by Facebook | Unauthorized access to companies environment — $27,5k |
|
|
|
| How did I earn €€€€ by breaking the back-end logic of the server |
|
|
|
| Supply Chain Attacks via GitHub.com Releases |
|
|
|
| Page Owners Can’t remove or change page roles of deactivated users (or if Attacker blocks the page owner) in Facebook Lite, Facebook for Android and touch.facebook.com |
|
|
|
| New Clubhouse Security Vulnerabilities Could Happen to Any Growing Unicorn |
|
|
|
| IDOR leads to leaked the likes count even though is hidden by victim | YouTube ($XXXX) |
|
|
|
| Misconfiguration in Change-password Functionality Leads to Account Takeover |
|
|
|
| (POC) Remove any Facebook’s live video ($14,000 bounty) |
|
|
|
| Lets Learn English - Hacking 10M+ Users |
|
|
|
| Auth Issues |
|
|
|
| What if you could deposit money into your Betting account for free? Oh wait where has this 25k came from… |
|
|
|
| Gain write permission of repositories with a bug in GitHub Actions |
|
|
|
| My first Bug report at Facebook 2021 |
|
|
|
| How to bypass CloudFlare bot protection ? |
|
|
|
| PoC: The easiest 125 Euro’s I Ever made |
|
|
|
| How to Harpon Big Blue! |
|
|
|
| Stealing arbitrary GitHub Actions secrets |
|
|
|
| Low hanging fruits on Facebook Group Room. Unable to remove post on group when post room add with event ($500) |
|
|
|
| The Invincible Kid |
|
|
|
| Story About Stop 10000+ users to get Their job notification |
|
|
|
| Expose Facebook object type (including private objects) |
|
|
|
| Leaking Facebook user information to external websites / Setting some cookies values |
|
|
|
writeups.xyz
/
Logic Flaw