Bypassing E2E encryption leads to multiple high vulnerabilities.In today’s blog, I’m going to show you how I was able to bypass the E2E encryption of an application by analyzing an obfuscated javascript…Jan 20, 202310Jan 20, 202310
Can analyzing javascript files lead to remote code execution?In today’s blog, I’m going to show you how analyzing javascript files can lead to access unrestricted endpoints and to understand how the…May 8, 20227May 8, 20227
Published inInfoSec Write-upsHow I bypassed disable_functions in php to get a remote shellToday I will show you how I was able to bypass disable_functions and get a remote shell that lead me to access most of the users' files.Mar 13, 20223Mar 13, 20223
Intigriti 0821 XSS Challenge WriteupIn this post, I am going to walk you through the Intigriti 0821 XSS Challenge, I hope you enjoy reading.Aug 23, 2021Aug 23, 2021
ASCyberWargames2021 Qualifications | Retention | Web Challenge WalkthroughIn this post, I am going to walk you through a Web CTF challenge from Arab Security Cyber Wargames 2021 Qualifications, Hope you enjoy…Aug 1, 2021Aug 1, 2021
How I Bypassed a tough WAF to steal user cookies using XSS!Hi, I’m Asem Eleraky -aka Melotover- and today I will show you how I could bypass a tough WAF to execute XSS and make a full account…Jul 19, 20216Jul 19, 20216
How I leveraged XSS to make Privilege Escalation to be Super Admin!Hi, I’m Asem Eleraky -aka Melotover- and today I will show you how I could leverage an XSS vulnerability using XHR request to make the…Mar 24, 20213Mar 24, 20213
ASCyberWargames2020 Qualifications | MeowNetwork | Forensics Challenge WriteupIn this post, I am going to walk you through a Forensics CTF challenge from Arab Security Cyber Wargames 2020 Qualifications, Hope you…Aug 15, 2020Aug 15, 2020
ASCyberWargames2020 Qualifications | The-Impossible-Dream | Forensics Challenge WriteupWelcome to my first Writeup ever!Aug 15, 2020Aug 15, 2020