this was because once you logout and login again the old cookie was used in request and server sets that old cookie as our new session cookie. Hence a logged out/expired cookie becomes active again. It can be achieved by other means methods . check below 👇.

such as if you have CRLF injection , you can inject your own expired session cookies into victim browser and when victim visits website to login, the cookies you set become active. ATO by UI.

. even check the report i stated its not a vulnerability but he was sure it was vulnerability lol. After a long back and forth convo i provided him video POC and he finally closed and changed username😂.

Funny thing i was invited to collaborate on a report in 2024. I didn't even know the guy but i accepted to see what he really found since i was Hunting on H1 at that time. This guy was making some bet and changed his username afterwards. Before the triager could even .

Hey @grok., based on your analysis of the last 365 days, list in sequence 10 accounts that frequently visit my profile. Do not mention the person, only @.username and the rate of visits to the profile per month.

Getting $XXX to promote some shit online lol . Not worth it.

Another one Account takeover , you need to know password reset token of victim which is random alphanumeric string, unpredictable so AC:H 😆.

0 day priv escalation CVSS scoring:. It all starts with PR: L/H and/or UI:R, an admin need to invite you to their org/workspace😂.

As expected triaged as Medium lol.

RT @albinowax: I'm thrilled to announce "HTTP/1 Must Die! The Desync Endgame" is coming to #DEFCON33! This talk will feature multiple new….

Its PII leakage, but i need some string that is auto generated, can't be decoded. It makes AC:H, if somehow i can make it AC:L then it will definitely be Critical.

I am near a Critical, its High/Medium at least. Looking for some endpoint that can turn the tables and get me max bounty lol.

If you find a blind SSRF, except port scanning . What else you can do to provide more impact? Any ideas?.

Some bugs are simple, A massive design flaw was found. I have been testing the site for too long but i initially forgot to check/ignored it. But later on after checking, default configuration was vulnerable lol.

I lost a high severity bug because h1 triager didn't check report for a whole week and when they tried to reproduce after a week, its fixed. -_-.

At this point, self closing report is more beneficial and time saving than going back and forth. Before Hackerone response was fast, triage in 1-2 days or even within few minutes/hrs after initial message. Nowadays its just opposite.

> Submits multiple report 9 days ago. > After 2 days we are looking into it. > After 7 days (today), gets some error and asks me to check if am getting same error. In these 7 days, the team can easily deploy a fix. Please resign if u cannot validate in 1-2 days .

i will update HOF section with list of users that were rewarded vouchers also.

Also:

New writeups coming soon on and Medium. Site’s under construction — VDP is live to protect assets i own. 🔗 VDP: 🎁 High/Critical bugs may earn vouchers (at my discretion). 🏅 Valid reports listed in Hall of Fame. #BugBounty