Apple Pays $100.5K Bug Bounty for Mac Webcam Hack

A researcher who showed Apple how its webcams can be hijacked via a universal cross-site scripting bug UXSS Safari bug has been awarded what is reportedly a record $100,500 bug bounty. The bug could be used by an adversary as part of an attack to gain full access to every website ever visited by...

BugPoC: XSS PoC for the wacky.buggywebsite.com challenge

Summary: https://wacky.buggywebsite.com/frame.html is vulnerable to DOM-based XSS. Steps To Reproduce: 1. Navigate to https://oembed.dev.ipwnedyour.net/wacky.buggywebsite.com.xss.html 1. Verify the document's origin is displayed in an alert box. PoC code details: The PoC page at...

BugPoC: Reflected XSS at wacky.buggywebsite.com/frame.html

Summary: I solved that CTF to pop alert1 Steps To Reproduce: https://bugpoc.com/pocbp-HoQPW64U PoC ID: bp-HoQPW64U Password: AptBeAGlE03 Supporting Material/References: https://imgur.com/a/ZD7rOvH attachment / reference Impact General XSS impacts. Also, I mistakely used document.domain instead of...

BugPoC: XSS Challenge

Hello, ID: bp-oJelDA6b Password: PLEAsEdYAk24 Impact The attacker can steal any user session data...

BugPoC: [BugPOC and Amazon XSS CTF writeup] A CSP Bypass Story

Summary/Description: There were quite multiple restrictions imposed while executing JavaScript on the website. I have divided them into three segments which are explained below Bypassing the iframe loading restriction The URL https://wacky.buggywebsite.com/frame.html?param=Hello,%20World when...

BugPoC: csp bypass leads to xss on wacky.buggywebsite.com

Summary: report will be uploaded later - need some sleeps █████████ ███ Steps To Reproduce: PoC above Thanks for the challenge. I tried to use bugpoc for everything but ended up using aws to host the js file - seemed fitting as well and served the purpose. F1065889 Impact taking over all the whac...

BugPoC: XSS :D

Great summary found here https://medium.com/bugbountywriteup/wacky-xss-challenge-with-amazon-by-bugpoc-d10d43d7707c This is the accepted solution of wacky xss ctf by bugpoc that amazon sponsored. Here is the write up for the same...

BugPoC: Finally , CTF is Solved

Summary: Hey Ryan , Thanks for your hints , I was finally able to get /etc/passwd file , Here's my bugpoc id and password. ID - ████ Pass- ██████████ File:-...

BugPoC: LFI to steal /etc/passwd - Bypass filter in the <meta property="og:image"> tag via redirect and much more

Hey Team, Good &simple challenge. Wasn't able to find time to attempt this initially but was able to go about it today. The explanation of the bug with the POC is hosted on bugpoc.com Here is the id & password as requested - BugPoC ID : bp-wHwB2qAF - Password : dARKlYbAnana89 POC Screenshot using...

BugPoC: Users can Change their Own Email Address

BugPoC uses AWS Cognito for authentication and user pool management. @vasi42 noticed that they were able to use the Cognito API, UpdateUserAttributes, to update their own email address. Calling this API without subsequently calling the VerifyUserAttribute API puts your account into an unverified...

BugPoC: DOM based Cross-site Scripting

Summary: The postMessage API is an alternative to JSONP, XHR with CORS headers and other methods enabling sending data between origins. It was introduced with HTML5 and like many other cross-document features it can be a source of client-side vulnerabilities. Steps To Reproduce: Visit -...

BugPoC: Improper use of "path" parameter can be used to trick testers into leaking their Front-End PoC

Summary: In https://bugpoc.com/testers/front-end, the populateFromFragment function incorrectly assigns hash parameter path to the subdomain element, allowing the "Test" functionality of the Front-End PoC Generator to open a popup on any domain instead of the expected web.bugpoc.ninja. It can be...