Post

Week #8 Focusing On Myself

Posted
Preview Image
By Frey
4 min read

Another Note

Before starting, I must say this week was cool, and I learned that I am still far away from being called a pro! I looked around myself and found hyenas, but I don’t want to be in that crowd. So, I should leave all that behind and keep developing myself in the dark alley. I need to force myself to do the hard tasks.

What Happened Last Week?

  • Found 4 Bugs (actually 5)
  • Got a chance to collaborate with one of the coolest hackers
  • Started learning C programming again
  • Cool office project pentest
  • Exploring new things
  • Learned Curl
  • Doing 500 pushups every day
  • Exploring business logic errors
  • Need to work on my anger issues I’m a good guy
  • Spoke to my Russian friend

Hello there and greetings, everyone! I know I’m not making any tutorials like I used to, but please bear with me as I’m preparing for BSCP, and I’m barely keeping up with the labs and all. I need discipline! There are a lot of things on my mind that I want to achieve, but your brother is still weak!

Found 4 BUGS

  • Open redirection: Still trying to chain it with something so I can take over the account
  • Sensitive file disclosure
  • Weak DMARC one
  • IDOR
  • Basic business logic error

As much as I want to talk about all these, they don’t have that much complexity—just as simple as they sound. I would love to write some writeups if I find a bug where I can really use my brain and make a high impact.

Got a Chance to Collaborate with One of the Coolest Hackers

Now, this was cool. I usually hack alone and never seek help, but it’s always fun to hack with someone who is in your own game and doing the same thing! I got the chance to hack with one of the coolest hackers I know. We hunted for like 2–3 hours and tried to escalate on the bug, but unfortunately, we couldn’t make much impact. Still, it was fun. It was cool how fast we learned about the target and their business model. Now, all that’s left for next week is to find interesting endpoints, as per the plan. Let’s see how it goes.

Starting Learning C Programming Again

I know I was doing Rust, but somehow C came back to my mind. I used to do some C programming, and I even made a whole C programming GitHub repo in the past containing all my codes. Now I’m going to resume it. Why am I doing C? Well, the reason is to fix my math skills and build logic while coding. The best way to learn programming is to make projects that help you in daily life, so we’ll do that.

Cool Office Project Pentest

Not much to share here, but my colleague and I were tasked with testing a Wi-Fi service. We successfully took over the account via MAC address. That’s all I can say—it’s confidential!

Exploring New Things

When you see cool things, you want to touch them, try them, and you can’t stop thinking about them. It might drive you crazy, but this is wrong—you have to live too! What I mean by “new things” are new ways to exploit vulnerabilities. If you don’t know them, how can you use them?

Learned Curl

I thought, why not use Curl more effectively—not just for downloading images or massive scripts for hot girl pics, but for real hacking purposes? So, I decided to use Curl more and more, making it useful. I found the founder’s YouTube channel, and it’s a pure gem.

Doing 500 Pushups Every Day

I’m not saying I’m strong like Batman or something, and I don’t wish to show off. I get lost in my own mind sometimes, so to keep myself going, I do pushups—day 1, day 2, day 3, etc.—and I post about it on Twitter!

Exploring Business Logic Errors

I’m working through 3 labs: Auth, path traversal, and OS command. Now I’m focusing on business logic errors. It’s taking time, but I know I’ll cover it if I put in the effort—and I WILL! The reason being that logic errors require logical thinking and a specific approach. That’s why you see manual hunters using them a lot.

I Need to Work on My Anger Issues—I’m a Good Guy

I’m trying, but I keep failing at this. I don’t know what to do. I might need help, maybe?

Spoke to My Russian Friend

Finally, I spoke for about an hour with my new friend from Moscow. The dude is 28, but he keeps saying he’s 27—maybe he wants to stay young! Haha. But he’s cool. I’m not sure where this friendship will lead, maybe to Web3, but I don’t want to dive into Web3 just yet. I’m scared, haha!

Web Security
Web Security Programming
This post is licensed under CC BY 4.0 by the author.