From 123456 on a Staging to a Multimillion Dollar VC Owned in ~200 Days


Posted on in Presentations

The journey of a black box exercise for a corporation whose coupon management staging application led to a critical flaw in the production server. Fast forward, compromised VPN creds led to their internal network and even the parent company’s assets containing critical data of over 50 million users. This talk will share manual techniques to find, exploit, escalate, pivot and pwn devices encountered.
Participants
Aman Sachdev

Participant

Co-Founder, Bugsbounty.com

Himanshu Sharma

Participant

Co-Founder, Bugsbounty.com


Share With Your Community