Fun parser differential to fallback SVG sanitizer bypass:
github.com/freescout-he...
i made a new game called js crossword where you have to solve it by literally writing javascript code that eval()'s into the correct values!
check it out if you're into ctfs or wanna challenge your javascript skills
lyra.horse/fun/jscrossw... <3
Thanks @cryptocat.me for inviting me to my first ever podcast!
Check out the section at 29:36 😄
Happy to have made some web challenges for Plfanzen CTF. The event runs next weekend, check it out!
plfanzen.lol
(2/2) After some wild ideas of leaking it, I found a different solution using the obscure "Variables" (curl.se/docs/manpage...) feature of curl. We can define and expand {{USERPROFILE}}, then finish with an 8.3 Shortname "StartM~1" to avoid issues with a space!
The final payload:
New blog post is out! A few vulnerabilities in Mailcow.
A critical unauthenticated XSS, and another interesting Self-XSS escalation involving a Login CSRF with a leftover tab. Check it out:
www.aikido.dev/blog/xss-vul...
Now that everybody's had a chance to solve it, here's a timelapse of my playtesting run of the JavaScript Crossword!
SPOILER WARNING: Please try it yourself first in the post below, it's very satisfying to solve, I don't want you to miss out on that 😄
(1 second = 2 minutes)
We tested another mail client, Roundcube this time. The agents found a Stored Self-XSS vulnerability that could really only be exploited with Cookie Tossing.
Scary for password reset tokens...
Blog post below:
www.aikido.dev/blog/roundcu...
I won't keep you in mystery any longer, here's how I found an XSS vulnerability *in* Shazzer!
The chain involved some interesting browser techniques no sane developer could foresee. Check out the details below:
jorianwoltjer.com/blog/p/stori...
(and thanks @garethheyes.co.uk for making Shazzer!)
Cool exploit with @0x999.net:
He found that \x7F breaks Chrome's "Copy as cURL (cmd)" command parsing in Windows Console Host. In combination with a ", it allowed you to add any arguments to curl.
With -o writing files is easy, but we need the username for the startup path... (1/2)
Jorian
How I found an XSS in Shazzer, a tool for discovering and sharing browser quirks through fuzzing. Not *using*, but *in* Shazzer. We'll explore some useful techniques with Blob URLs to unsandbox malici...
Rebane
Just want to say @jorianwoltjer.com is awesome. You'll find out why soon...