Pawan Chhabria – Medium

Pawan Chhabria

How I chained multiple bugs to maximize the impact (Default Credentials -> Reverse Connection->…

Hello All, In the previous blog post, we saw how basic recon on Shodan helped us in finding tomcat service which was running on port 8082…

Apr 1, 2023

How I chained multiple bugs to maximize the impact (Default Credentials -> Reverse Connection->…

Apr 1, 2023

Published in
InfoSec Write-ups

How I escalated default credentials to Remote Code Execution

Hello All, We all know Recon is very important to get P1 bugs. Shodan and Censys are probably the best search engines. I have been testing…

Mar 26, 2023

How I escalated default credentials to Remote Code Execution

Mar 26, 2023

How I accessed the Sensitive document which I had already deleted

Hello All, this is my third writeup. I have already published two writeups which are How I was able to access a properly Configured S3…

Dec 4, 2021

How I accessed the Sensitive document which I had already deleted

Dec 4, 2021

Published in
InfoSec Write-ups

My First Pre-Auth Account Takeover in 20 secs

Hello All, this is my first account takeover writeup and I hope it helps everyone. Taking over another user’s account is something that…

Nov 23, 2021

My First Pre-Auth Account Takeover in 20 secs

Nov 23, 2021

How I was able to access a properly Configured S3 Bucket

Hello All

Oct 29, 2021

How I was able to access a properly Configured S3 Bucket

Oct 29, 2021

Pawan Chhabria

Pawan Chhabria

a.k.a Benchmarkkk | Security Enthusiast| Web | Android | API |Top OnePlus Hacker 2019–2020 | Google Hall of Fame

Following

Help
Status
About
Careers
Press
Blog
Privacy
Terms
Text to speech
Teams