Frans Rosén has reported hundreds of security issues using his big white hat since 2012. He has received the biggest bounty ever paid on HackerOne, and is one of the highest ranked bug bounty researchers of all time. He's been bug bounty hunting with an iPhone in Thailand, in a penthouse suite in Las Vegas, and without even being present, using automation. He'll share his stories about how to act when a company's CISO is screaming "SH******T F*CK" in a phone call at 02:30 on a Friday night, what to do when companies send him money for no reason, and why Doctors Without Borders is trying to hunt him down.
Notes taken during the walkthrough
Structure of IDs: numeric? Are hashed IDs visible across accounts?
Hashed IDs publicly available
Update other users / get user info
IDs were hashes, but visible via Google.
No check whether the target user belonged to another company.
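The two findings above (hashed IDs that still leak, and an update endpoint with no tenancy check) are the classic IDOR pair. The following is an added example, not code from the talk or from any of the companies mentioned: the users, company numbers and e-mail addresses are constructed, and the truncated SHA-256 token stands in for whatever hashing scheme the real application used. It shows that hashing an ID only obscures the sequence, and that the fix is an object-level check that the target belongs to the caller's company, applied on both the read and the update path.

```python
import hashlib
from dataclasses import dataclass, replace


@dataclass(frozen=True)
class User:
    id: int
    company_id: int
    email: str


def public_handle(user_id: int) -> str:
    """Hashed ID used in URLs (assumed scheme, stand-in for the real one).

    This hides that IDs are sequential, nothing more: once the token sits in a
    page, a referrer log or a search-engine index, anyone can present it.
    """
    return hashlib.sha256(f"user:{user_id}".encode()).hexdigest()[:16]


def make_directory() -> dict:
    """Constructed sample data: two users at company 100, one at company 200."""
    users = [
        User(1, 100, "alice@acme.example"),
        User(2, 100, "bob@acme.example"),
        User(3, 200, "carol@globex.example"),
    ]
    return {public_handle(u.id): u for u in users}


def update_email_unchecked(directory: dict, caller: User, handle: str, new_email: str) -> User:
    """The vulnerable shape: resolves the token and writes, never consulting `caller`."""
    target = directory[handle]
    directory[handle] = replace(target, email=new_email)
    return directory[handle]


def lookup_in_tenant(directory: dict, caller: User, handle: str) -> User:
    """Object-level authorization: the target must be in the caller's company.

    Missing and foreign objects get the same error, so the endpoint does not
    become an oracle for which tokens exist.
    """
    target = directory.get(handle)
    if target is None or target.company_id != caller.company_id:
        raise PermissionError("not found")
    return target


def get_user_checked(directory: dict, caller: User, handle: str) -> User:
    return lookup_in_tenant(directory, caller, handle)


def update_email_checked(directory: dict, caller: User, handle: str, new_email: str) -> User:
    target = lookup_in_tenant(directory, caller, handle)
    directory[handle] = replace(target, email=new_email)
    return directory[handle]


def run_scenario() -> dict:
    """Carol (company 200) presents Alice's leaked token to both endpoints."""
    victim = public_handle(1)
    results = {}

    d = make_directory()
    carol = d[public_handle(3)]
    results["unchecked_cross_tenant"] = update_email_unchecked(d, carol, victim, "x@attacker.example").email

    d = make_directory()
    carol = d[public_handle(3)]
    try:
        update_email_checked(d, carol, victim, "x@attacker.example")
        results["checked_cross_tenant"] = "allowed"
    except PermissionError:
        results["checked_cross_tenant"] = "blocked"
    results["victim_email_after"] = d[victim].email

    # Same-company access still works: Bob may read and update Alice's record.
    bob = d[public_handle(2)]
    results["same_tenant_read"] = get_user_checked(d, bob, victim).email
    results["same_tenant_update"] = update_email_checked(d, bob, victim, "alice2@acme.example").email
    return results


if __name__ == "__main__":
    for key, value in run_scenario().items():
        print(f"{key}: {value}")
```

When reviewing an endpoint like this, the question is not how hard the token is to guess but whether the server binds the resolved object to the caller's tenant before acting on it; the unchecked function above passes every test that only uses in-tenant tokens, which is why the defect survives functional testing.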
Safari <= 8 mixed content UXSS
1. Find a URL with mixed content
2. Use a fragment payload to inject a clickable link in the console
3. Social-engineer the user into opening the Inspector and clicking the link