Nadir's Blog

Nadir's Blog

A path traversal vulnerability is usually well known as an issue which can either allow you to read or write files on a server, but what if there's a path traversal in a fetch request by the browser? We've seen several examples, like Medi's research, which entered the top 10 web hacking techniques of 2022.

In this blog post, I will describe a technique I often used when attempting to escalate a client-side path traversal to an account takeover, and discuss how this specific exploitation scenario may be partially mitigated now.

Read more...

When a React Native application is built, a source map and application bundle is generated. Source maps are files that link the original source code of the (front-end) application (before it was built or bundled using tools such as Webpack). They are not interpreted by the client and are often used by error tracking tools such as Sentry or Bugsnag to provide more detail in generated bug reports.

Read more...

In this write-up, I walkthrough the different steps of the H1-2006 capture-the-flag challenge. I'll go through the thinking process, steps to reproduce, failed attempts and other details.

Read more...

H1702 was another amazing CTF organized by HackerOne. It was an amazing competition to participate in, despite the fact that I haven't been able to complete all challenges.

Read more...