Remember the report where I chained a bug that got closed as informative a year ago? Yeah, I got a response today, and yeah…
One of the bugs I used in the chained exploit was already known by the company and as a result of that, it renders the entire exploit useless because all these bugs depend on each other, when one gets patched the entire exploit falls. The program let me self-close considering one of the bugs I used is already getting fixed. Regardless, I’m happy with how things went even though I didn’t get a bounty. It’s still a valid vulnerability and that’s what matters, to me anyway, lol.
Other than that, I spent the entire day researching dorks, I’ve been having a lot of fun with this, I simply just can’t help myself but keep diving deep. I can’t wait to see what comes next :)
Happy hacking. See you tomorrow❤