Escalating Impact: Full Account Takeover in Microsoft via XSS in Login FlowMicrosoft’s login system featured a highly secure and complex architecture, built with multiple layers of protection that made analysis…Apr 20A response icon5Apr 20A response icon5
Bypassing E2E encryption leads to multiple high vulnerabilities.In today’s blog, I’m going to show you how I was able to bypass the E2E encryption of an application by analyzing an obfuscated javascript…Jan 20, 2023A response icon10Jan 20, 2023A response icon10
Can analyzing javascript files lead to remote code execution?In today’s blog, I’m going to show you how analyzing javascript files can lead to access unrestricted endpoints and to understand how the…May 8, 2022A response icon7May 8, 2022A response icon7
Published inInfoSec Write-upsHow I bypassed disable_functions in php to get a remote shellToday I will show you how I was able to bypass disable_functions and get a remote shell that lead me to access most of the users' files.Mar 13, 2022A response icon3Mar 13, 2022A response icon3
Intigriti 0821 XSS Challenge WriteupIn this post, I am going to walk you through the Intigriti 0821 XSS Challenge, I hope you enjoy reading.Aug 23, 2021Aug 23, 2021
ASCyberWargames2021 Qualifications | Retention | Web Challenge WalkthroughIn this post, I am going to walk you through a Web CTF challenge from Arab Security Cyber Wargames 2021 Qualifications, Hope you enjoy…Aug 1, 2021Aug 1, 2021
How I Bypassed a tough WAF to steal user cookies using XSS!Hi, I’m Asem Eleraky -aka Melotover- and today I will show you how I could bypass a tough WAF to execute XSS and make a full account…Jul 19, 2021A response icon5Jul 19, 2021A response icon5
How I leveraged XSS to make Privilege Escalation to be Super Admin!Hi, I’m Asem Eleraky -aka Melotover- and today I will show you how I could leverage an XSS vulnerability using XHR request to make the…Mar 24, 2021A response icon3Mar 24, 2021A response icon3
ASCyberWargames2020 Qualifications | MeowNetwork | Forensics Challenge WriteupIn this post, I am going to walk you through a Forensics CTF challenge from Arab Security Cyber Wargames 2020 Qualifications, Hope you…Aug 15, 2020Aug 15, 2020
ASCyberWargames2020 Qualifications | The-Impossible-Dream | Forensics Challenge WriteupWelcome to my first Writeup ever!Aug 15, 2020Aug 15, 2020
