VC0D3R mrvcoder

hi, i'm daniel. i'm a 15-year-old with some programming experience and i do a little bug hunting in my free time. here's the insane story of how I found a single bug that affected over half of all Fortune 500 companies:

say hello to zendesk

If you've spent some time online, you’ve probably come across Zendesk.

Zendesk is a customer service tool used by some of the world’s top companies. It’s easy to set up: you link it to your company’s support email (like [email protected]), and Zendesk starts managing incoming emails and creating tickets. You can handle these tickets yourself or have a support team do it for you. Zendesk is a billion-dollar company, trusted by big names like Cloudflare.

Personally, I’ve always found it surprising that these massive companies, worth billions, rely on third-party tools like Zendesk instead of building their own in-house ticketing systems.

your weakest link

Google dork cheatsheet

Search filters

Filter	Description	Example
allintext	Searches for occurrences of all the keywords given.	`allintext:"keyword"`
intext	Searches for the occurrences of keywords all at once or one at a time.	`intext:"keyword"`
inurl	Searches for a URL matching one of the keywords.	`inurl:"keyword"`
allinurl	Searches for a URL matching all the keywords in the query.	`allinurl:"keyword"`
intitle	Searches for occurrences of keywords in title all or one.	`intitle:"keyword"`

Chat GPT "DAN" (and other "Jailbreaks")

	#!/usr/bin/env node

	/*
	Accompanying code for the tweet in PT SWARM.

	Tweet's text:
	Simple way to bypass a WAF in Command Injections!
	Also helps with length restrictions!

	Tweet's link: https://twitter.com/ptswarm/status/1799069750863270364

	#!/usr/bin/env bash

	# Based on https://gist.github.com/eduncan911/68775dba9d3c028181e4
	# but improved to use the `go` command so it never goes out of date.

	type setopt >/dev/null 2>&1

	contains() {
	# Source: https://stackoverflow.com/a/8063398/7361270
	[[ $1 =~ (^\|[[:space:]])$2($\|[[:space:]]) ]]