Ha$h1m

Privilege Escalations

Regular user today, admin tomorrow.

Recent

  • 🔥H4ck1ng the Same App for a Month -> $$$$
  • 🟩Logic flaw led to a $$$ privilege escalation
  • 🟧Logic flaw led to PrivEsc: I used a feature to bypass a restriction
  • 🟧I'm in love with Privilege Escalations!
  • 🟩Easy $$$ from PrivEsc: Hacking the Hidden Feature


Last updated 4 months ago