Hello, Welcome back ! So recently i played RC3 CTF 2016, here I present few of my write-ups. So Let’s Begin FORENSICS 50 This was the First Forensics challenge, when they provided a pcap traffic capture file. I initially opened it in Wireshark and as we can see the content is about Captured ICMP pings.… Read More RC3 CTF 2016 Write-ups
Hello, I came across “Billy Madison 1.1” which is a Boot2Pwn Vulnerable system . Billy Madison name looks bit familiar as it is actually a name of the Comedy Movie which was released in 1995, I assumed that the plot of the Vulnerable system might be on it. This was a indeed super cool Challenge… Read More Billy Madison: 1.1 Walkthrough
Hello Friends, Welcome back, This time i would be talking about a Bug which i found in Apple’s acquisition Beats by Dr dre. It was 2015 and i was trying to fiddle with Apple related Web applications and found Beats by Dr. Dre website. In this article, i would like to emphasis on the CSRF… Read More How i Hacked your Beats account ? Apple Bug Bounty
Hello, I am Aaditya Purani and i am going to show a POC of WP Mobile Detector vulnerability <=3.5 Arbitrary file upload vulnerability. WP Mobile detector Plugin automatically detects standard and advanced mobile devices and displays a compatible wordpress Mobile themes. Before some years, we also had an Arbitrary file upload vulnerability in this Same… Read More WP Mobile Detector Vulnerability <= 3.5 Exploit POC
Hello, Great to see all Readers back, Today (20/4/2016) Morning i Received one facebook message from my friend which Looked like a Image but it was infact an .html file. My first thought, obviously was that is was a Spear Phishing/ Worm Infection try as i rarely open any suspicious file which has been sent… Read More Breaking the new Facebook based latest malware
Hello, It’s Aaditya Purani, today i will talk you about one of my Creation The Peace Bot (@MrPeaceBot) Motivation: Hatred is everywhere from Real Life to Social Media. There is Communalism and Racism in this World. Moreover. This developed an Idea into me, an Idea which turned into The Peace Bot Who Is The… Read More Mr PeaceBot : The Bot created by Aaditya Purani #ThePeaceBot
Hey there, 29th January 2016, was a Special Day to Me. My First Ever Article got Published in World’s Top IT Security Magazine “Hakin9” in their Volume 11 and No. 02 Edition . The Theme of this Month Magazine was about “Web Application Security” which is one of my Strong Area of Research. Hakin9 is… Read More My Article in Hakin9 Magazine
Hello Guys, It’s me Aaditya Purani, So today i am writing one of the Most Anticipated topic and hottest one known as SSRF (Server Side Request Forgeries ). SSRF is something you find rarely in day to day Web applications. So there are lesser POC’s available online. So what about coding One? Yes. Cool enough… Read More Exploiting the SSRF (Remote SSRF)
Hello, The dream of every White Hat Hacker and Bug hunter is to get Hall Of Fame Acknowledgment by World’s IT Giant Google. No introduction needed about Google. And so was my aim to get a place in Google’s Hall of fame and to qualify for their VRP which are only for Security Researcher. I… Read More Got listed In Google’s Security Hall of fame (Write Up)
Hey, I am Aaditya Purani (@aaditya_purani), so many of my friends experienced issues that they get error while installing qtox when they use command. It is a case study + solution . sudo apt-get install apt-transport-https and you will get E: Unable to locate package apt-transport-https The first traditional way is to look in /etc/apt/sources.list… Read More E: The method driver /usr/lib/apt/methods/https could not be found Solution
Aaditya Purani - Hacker 