Facebook text message actions PIN code could be brute-forced

At the beginning of 2016, I posted about my resolutions for this year, and about how I set myself the goal of being successful in the bug bounty programs of my self-declared 'big four': Apple, Microsoft, Google and Facebook.


Stored XSS on icloud.com


In January of this year, I decided to take a look at Apple's iCloud.
I had already participated in their program before: in 2015 I found a web server misconfiguration in their discussion forum that could have led to remote code execution. I didn't feel satisfied with this, since I had not been able to execute actual code on the server. I reported it and it was patched within a few hours.

Because of the Apple-FBI issue, I decided to take a look at iCloud, since a lot of private information is stored there.


Microsoft Education remote code execution


A couple of months ago, I found the time to hunt some bugs. I didn't feel like hunting big programs like Facebook or Google services, but I had recently discovered that Microsoft also launched a bug bounty program, so I decided to have a look there. I actually wanted to research one of their sites that is eligible for a monetary reward, just to challenge myself.

One way or another, however, I ended up on the Microsoft subdomain education.microsoft.com, and it seemed pretty secure at first.
There was XSS protection on all inputs, and CSRF tokens were in place.

I then discovered a feature to build my own course page. The editor looked a bit like those website builders, and it seemed a cool target, so I started fiddling with it.



My goals for 2016

At the beginning of 2016, I set some goals that I had to achieve before the end of the year. I have done some bug hunting before, but this year I wanted to find bugs in the big four.
My big four consists of:

  • Microsoft
  • Apple
  • Google
  • Facebook

I'm quite sure I can achieve the first two, because I have reported bugs in their systems before.
I expect to hunt more in the second half of the year, due to a busy first half.