Binaries vs websites
It has been half a year since my last blog post covering an IDOR in a website API. About time to write about something new and hopefully interesting! Having switched my focus from websites to binaries a new world opened up to me.
Hi again! Thank you for reading my third blog post. Happy to share all the details with you on the Insecure Direct Object Reference attack (IDOR) as mentioned in my first blog. It has been resolved by OLX and publicly disclosed on HackerOne, meaning it’s time for a write-up!
Hello again and thanks for reading my second blog post! After publishing my first blog I kept on trying to hack different companies and websites. Not as easy as I had hoped for! It took me quite some time to find another security issue after the IDOR in my first month. This SOME issue I found is not to be made public, so I won’t be able to mention company details and will have to mask url’s etc.
Thank you for taking the time to read my first blog post. My name is Roderick Schaefer, known as kciredor in the exciting world of security bug bounties. I’m new and working hard to get very much involved. By sharing my journey and considerations so far, I’m hoping for more interested people to give it a shot!
subscribe via RSS