EEibineib.hashnode.dev·Apr 6 · 8 min readCrafting a Full Read SSRF: A Journey Through Oauth DCR, Open URL Redirects, and Path NormalizationThe Bug This blog post outlines the chains of multiple gadgets to achieve a full read ssrf on a target. Open Dynamic client registration on the MCP server to create an open redirect gadget Path norm00
EEibineib.hashnode.dev·Feb 16 · 7 min readBuilding a custom JS monitoring tool with no coding knowledge using AIBackground I had a very interesting JavaScript-heavy target I was working on, which was built using a microservice architecture. The main domain contains a lot of sub-apps, so doing subdomain enumeration did not result in any significant success othe...00
EEibineib.hashnode.dev·Feb 7 · 6 min readFull Read SSRF in a PDF generation feature to read data from Internal domainsThe Bug The bug is a server-side request forgery vulnerability in a PDF generation feature that enabled me to read data from internal domains that are not publicly reachable The Journey I’ve been working on this application for three months now, and ...00
EEibineib.hashnode.dev·Oct 28, 2025 · 7 min readSSRF to read data from internal domainsStarting with what I’m comfortable at I have been testing this particular app for close to three months before I found a valid bug in it The app was mainly used for creating notes and collaborating, so when I started testing, I mainly focused on brok...00
EEibineib.hashnode.dev·Sep 7, 2025 · 7 min readBypassing Cloudflare WAF with comma symbol to gain RCE using a file upload vulnerability (Ethiack CTF)Recently, I was reading a blog titled “Don’t Fear The AI Reaper: Using LLMs to Hack Better and Faster” which was explaining how hackers can hack better with the help of AI. The blog talked about how AI can often generate vulnerable code, and it linke...00
