Over the past few years, as an avid security researcher, I have received acknowledgements from the following leading firms for the discovery, responsible disclosure and collaboration in the fixing of security issues.
- Optus Voicemail Exploit Information Disclosure
I assisted Shubham Shah in discovering (and testing) the Optus voicemail PIN bypass exploit. Due to a broken trust model, a forged caller ID would allow an attacker to bypass the PIN protection of voicemail and have full access to the victim's voicemail control panel. I also created the web application used to test if a user's phone number is vulnerable.
- Microsoft (Online Services) ColdFusion Exploit (Root Access)
Due to an outdated version of ColdFusion installed on a Microsoft MSN server, I was able to bypass the administrative login and gain administrative access. This would allow me to schedule tasks to run as a privileged user, such as reverse shells, creating users, etc.
- Grok Learning Sandbox Bypass
Due to a misconfiguration in the testing machine's firewall, the sandbox could access the internet. This allowed for the disclosure of test data (as well as possible exploitation vectors).
- Medium Information Disclosure
Due to a vulnerable version of OpenSSL, Medium's servers were vulnerable to the Heartbleed OpenSSL bug, allowing up to 64kb of server memory to be disclosed to a hacker (possibly leaking private keys, users' passwords and POST data, etc).
- Altervista Information Disclosure
Due to a vulnerable version of OpenSSL, Altervista's control panel was vulnerable to the Heartbleed OpenSSL bug, allowing up to 64kb of server memory to be disclosed to a hacker (possibly leaking private keys, users' passwords and POST data, etc).
Due to my interest in security research, I have participated in multiple information security competitions. The following are some notable competitions which I have taken part in:
- K17 CTF - 2013 4th Overall
A competition which contained challenges pertaining to web applications, reverse engineering and exploitation, cryptography, network and memory forensics and Unix exploitation. I was mostly involved in the reverse engineering, cryptography and Unix exploitation aspects of the competition and assisted the members working on the web application.
- PHDays CTF IV Quals - 2014
This competition contained a grab-bag of many different aspects of information security, the most interesting of which was an MMORPG for the contestants (where hacking the game was rewarded with CTF points). I was mostly involved in the escaping of sandboxes and information gathering aspects of the competition. I also assisted team members working on the cryptography challenges.