wasteof.money

@jeffalo

i had a zoom call with people to discuss a major vulnerability i found.

May 6, 2023, 1:57 PM

comments

@joebiden May 9, 2023, 4:31 PM

depression?

@nihalnavath May 9, 2023, 11:02 AM

Cool, for which website/app?

@mrowlsss May 7, 2023, 2:19 PM

ooh i think i might know what it is

@jeffalo May 7, 2023, 7:10 PM

really?

@mrowlsss May 13, 2023, 3:26 AM

i think we’re talking about different things, its when i logged into poprock’s account with a password, even though he had no password assigned.

@jeffalo May 13, 2023, 11:33 AM

uh thats bad.

@mrowlsss May 14, 2023, 2:26 PM

i cant do it anymore if i try doing it with @owlsss-owlclient

@mrowlsss May 14, 2023, 2:26 PM

i think you already fixed it

@jeffalo May 15, 2023, 6:22 AM

this sounds like a bug with your client rather than the server — as far as i can tell, i haven’t touched auth code in years

@mrowlsss May 18, 2023, 12:15 PM

huh, maybe, idk

@mrowlsss May 18, 2023, 12:16 PM

all i know is apparently i logged into an account with a password even though the account had no password assigned, and then you gave me a warning

See more replies

@grahamsh May 8, 2023, 10:44 AM

i highly doubt you do lmao

@paradocktheman May 7, 2023, 12:33 AM

you know jeffalo is serious when he starts using periods in his posts and replies

@jeffalo May 7, 2023, 7:17 AM

wait till you see one with capital letters.

@paradocktheman May 7, 2023, 4:19 PM

@wynd May 8, 2023, 6:44 PM

haha imagine, that would be scary

@mybearworld Jun 27, 2023, 1:34 PM

@oren May 6, 2023, 2:23 PM

You should start documenting your bug bounties. A lot of people do

@radi8 May 6, 2023, 4:01 PM

he might not be able to, because they aren't fixed yet

@oren May 6, 2023, 4:13 PM

He's found other ones before

@radi8 May 6, 2023, 4:14 PM

yeah, I know

@jeffalo May 6, 2023, 5:18 PM

all my reported bug are documented. i just don’t have permission to publish.

@oren May 6, 2023, 5:50 PM

@nihalnavath May 9, 2023, 11:05 AM

I agree with this, please do, will be an interesting read.