Open in app

Sign In

Write

Sign In

Rikesh Baniya
Rikesh Baniya

220 Followers

Home

About

Published in PenTester Nepal

·Sep 8, 2021

Facebook email disclosure and account takeover

I have a preference for apps over web when it comes to hunting, so in January I decided to dive deep into apk endpoints hoping to find something juicy. I downloaded bunch of FB and messenger apks of different versions, grepped all the endpoints, sorted them and was going through…

Facebook Bug Bounty

4 min read

Facebook email disclosure and account takeover
Facebook email disclosure and account takeover
Facebook Bug Bounty

4 min read


Published in PenTester Nepal

·Jul 9, 2021

Facebook Email/phone disclosure using Binary search

So in December I decided to hunt on Facebook, and chose to go with the Facebook Android App I was analyzing the Facebook app’s password recovery flow. I noticed that the following endpoint was being used. When a user enters his email/phone number his email is supplied in the following…

Bug Bounty

3 min read

Facebook Email/phone disclosure using Binary search
Facebook Email/phone disclosure using Binary search
Bug Bounty

3 min read


Dec 16, 2020

JavaScript analysis leading to Admin portal access

I love hunting on small scoped websites cause i can be assured that i have seen every corner and analyzed every endpoint of the that website Program had 2 scopes. target.com and admin.target.com Now, since the website had not provided any credentials for admin.target.com …

Bug Bounty

1 min read

Bug Bounty

1 min read


Dec 10, 2020

How I dumped PII information of customers in an ecommerce site?

Like every website, the most interesting endpoint is always the image upload section. So I fired my burp and was checking how the images are getting stored. First thing i noticed was the image was uploaded in aws.So as always i checked for misconfigured aws for read/write access. …

Bug Bounty

2 min read

How I dumped PII information of customers in an ecommerce site?
How I dumped PII information of customers in an ecommerce site?
Bug Bounty

2 min read


Aug 5, 2020

How I was able to do Mass Account Takeover[Bug Bounty]

This was one of the interesting bug that i found on a target. The vulnerability lied in the website’s password reset page. In order to reset the password an user required two things.(his username and his email) It was a OTP based password reset mechanism. There were 3 steps to…

Bug Bounty

2 min read

How I was able to do Mass Account Takeover[Bug Bounty]
How I was able to do Mass Account Takeover[Bug Bounty]
Bug Bounty

2 min read

Rikesh Baniya

Rikesh Baniya

220 Followers

I hunt for bug sometimes :)

Help

Status

Writers

Blog

Careers

Privacy

Terms

About

Text to speech