Nov 2, 2022Chaining Multiple Vulnerabilities Leads to Remote Code Execution (RCE) on One of the Payment Service Companies.Jenkins RCE through groovy script console. Hey everyone! I hope you all are doing well! Rohit Soni is back with another write-up and this time it’s about multiple security vulnerabilities I found and chained them together to achieve RCE on one of the payment service companies. …Bug Bounty6 min readBug Bounty6 min read
Jun 19, 2021Exploiting File Upload Functionality in Unique Way.Observe the behavior of your target. You may end up with a unique and cool findings. Hey everyone! I hope you all are doing well! Rohit soni is back with another write-up and this time it’s about a bug that I found few months back while working on internal pentesting…Bug Bounty5 min readBug Bounty5 min read
Published inSystem Weakness·Jan 20, 2021Story Behind Sweet SSRF.Persistence is the Key to Success.🔥 Hey everyone! I hope you all are doing well! Rohit soni is back with another write-up and this time it’s about critical SSRF which leads to AWS credentials disclosure. Let’s dive into it without wasting time. Couple of months back when there was lockdown…Bug Bounty5 min readBug Bounty5 min read
Jul 15, 2020Recon wins - Part 1Can browser extension get you high severity vulnerabilities? Hey everyone! I hope you all are doing well! Rohit soni is back with another write-up and this time it is about how shodan browser extension helped me to get high severity vulnerability while hunting on moviexchange.com …Bug Bounty4 min readBug Bounty4 min read
Jun 29, 2020How I Got Hall of Fame in just Two Minutes.A short story behind how I got hall of fame in teamster.app by finding my first broken link hijacking in just two minutes. Hey everyone! I hope you all are doing well! I am rohit soni and this is my first write-up hope you will enjoy :-) First of all…Broken Link Hijacking3 min readBroken Link Hijacking3 min read
