2/19/21
App has some Docx to PDF actions, looking into XXE attacks here.
I’ve never performed an MS Office XXE, so it’s a shot in the dark, but looking forward to the chance to learn.
2/20/21
Family visiting
2/22/21
4 hrs hacking for some business logic errors
2/23/21
Sick kids
2/24/21
3 hrs of hacking
2/25/21
https://portswigger.net/research/top-10-web-hacking-techniques-of-2020-nominations-open
4 hrs hacking for some auth issues and CSRF
Weekly Wrap up
Again this week, really whiffed it on the reading.
There was a lot going on at work, so I didn’t get to hack as much as I’d like, but some bounties started coming in. Had $8,450 come in this week, a majority being a $7k critical issue.
With Feb wrapping up, I was hoping to be at least 10% completed, but it should be there once the rest of Feb’s outstanding bugs pay out.
Luckily the program I’ve been on all month is still ripe and has a good couple months of beating on to find all the bugs.