by Julien Ahrens | Wednesday, July 22, 2020 | Bug Bounty
What Do Bug Bounty Platforms Store About Their Hackers? I do care a lot about data protection and privacy things. I’ve also been in the situation where a bug bounty platform was able to track me down due to an incident, which was the initial trigger to ask...
by Julien Ahrens | Tuesday, September 10, 2019 | Bug Bounty
TL;DR While doing recon for H1-4420, I stumbled upon a WordPress blog that had a plugin enabled called SlickQuiz. Although the latest version 1.3.7.1 was installed and I haven’t found any publicly disclosed vulnerabilities, it still somehow sounded like a bad...
by Julien Ahrens | Thursday, June 20, 2019 | Bug Bounty
TL;DR Sucuri is a self-proclaimed “most recommended website security service among web professionals” offering protection, monitoring and malware removal services. They ran a Bug Bounty program on HackerOne and also blogged about how important...
by Julien Ahrens | Monday, May 13, 2019 | CVE, Exploit
I came across an unauthenticated Remote Code Execution vulnerability (called CVE-2018-7841) on an IoT device which was apparently using a component provided by Schneider Electric called U.Motion Builder. While I found it using my usual BurpSuite foo, I later...
by Julien Ahrens | Tuesday, April 9, 2019 | Advisory, Bug Bounty
This is the story of an unauthenticated RCE affecting one of Dropbox’s in scope vendors during last year’s H1-3120 event. It’s one of my more recon-intensive, yet simple, vulnerabilities, and it (probably) helped me to become MVH by the end of the...