infosec

Claiming a microsoft shorturl for an easy phish

**tl;dr;** Microsoft has an internal use shorturl service at **go.microsoft.com** that can be enumerated for hijackable links. It might be useful for you as a red teamer if you want to phish windows users.

Read
infosec

Bitbucket CSRF on SSH Add Key Endpoint via superdomain cookie

In October 2022 I found a pretty specific CSRF vulnerability on Bitbucket Server (the self hosted version). Since it has now been patched, here are the details.

Read
infosec

kms.nhp.gov.in rooted via syncthing

In May last year (2022) I found and disclosed a vulnerability on a subdomain of nhp.gov.in. Using an exposed syncthing admin interface, I was able to gain root SSH access to the server by syncing the `/root/.ssh` directory.

Read
programming

Quick way to scrape websites

In this post I want to show a quick way to scrape websites using the python package requests-html and firefox's developer tools.

Read
programming

Python Logging Cheatsheet

Cheatsheet of how to use python's built in logging

Read
infosec

Exfiltrating Past CSP Directives

An example of using Google Analytics to exfiltrate past CSP directives on HackerOne

Read
infosec

Revoking a PGP Key from MIT's Key Server

Instructions on how to revoke your public PGP key from MIT's Key Server.

Read