Comments on Blog: Facebook’s Oculus – Cross-Site Content Hijacking (XSCH) to Bypass SOP
Feed updated: 2023-10-07T01:59:36.379-07:00 (18 comments)

Neeraj Gopal (2017-06-21T00:21:52.678-07:00):
Congrats! How much was the bounty?

Paulos Yibelo Mesfin (2015-03-26T21:02:33.724-07:00):
I am actually working on something that might help some interested people. ;-)

Anonymous (2015-03-26T16:18:18.087-07:00):
Actually that was a legitimate question, you could help your fellow Ethiopians by sharing a thing or two on how they can find good resources to learn more about web security.

Paulos Yibelo Mesfin (2015-03-17T09:15:41.162-07:00):
I fail to see how that has anything to do with that. I still appreciate your kind regards. Let's just keep this a technical comments board instead of "learn hacking" where, so... :)

Anonymous (2015-03-17T09:08:26.662-07:00):
That is so amusing! I am Ethiopian. I know there is no school for this.
How could you know all these?

Paulos Yibelo Mesfin (2015-03-02T00:02:00.306-08:00):
sure! :) thanks!

Rakesh Mane (2015-03-01T20:12:54.060-08:00):
Nice catch (y )
Keep posting ;)

Paulos Yibelo Mesfin (2015-02-15T07:25:17.139-08:00):
Sure, thanks!

Anonymous (2015-02-15T07:24:45.008-08:00):
This is such an amazing find. This taught me a new technique, a new sight. Thanks!

Paulos Yibelo Mesfin (2015-02-02T05:57:34.440-08:00):
Hmm. I see. Thanks. I guess the domain provider is facing some DNS problems resolving paulosyibelo.com and www.paulosyibelo.com

Thanks for the info, will try to fix it (if it's up to me), ;)

Mohan Kallepalli (2015-02-02T05:33:08.048-08:00):
Nicely done..

Check the link provided in twitter though.. it's not working
(http://paulosyibelo.com/2015/01/facebooks-oculus-exploiting.html)

Paulos Yibelo Mesfin (2015-01-31T01:38:37.249-08:00):
Sham, no, I didn't use any tool to scan the subdomains, in this case.
If you are looking for an online scanner https://pentest-tools.com/reconnaissance/find-subdomains-of-domain that is the best one I know.

Sham (2015-01-30T12:27:33.157-08:00):
What tool do you use to find sub domains?

Sham (2015-01-30T12:24:21.812-08:00):
Neat find!

Paulos Yibelo Mesfin (2015-01-30T05:11:28.372-08:00):
Thanks! :)

Anonymous (2015-01-30T05:08:47.130-08:00):
Awesome bug and write-up. Keep it up great ninja!

Paulos Yibelo Mesfin (2015-01-29T10:19:07.844-08:00):
yes, a very good one. I decide not to disclose it for personal reasons!
:) & thanks!

Pwntoken (2015-01-29T10:11:10.730-08:00):
a very indeed interesting read and preliminary scenarios. Did Facebook whip out any bounty on this?