
Sander Wind

128 Followers


Jan 24

Unleashing the power of CSS injection: The access key to an internal API

In this write-up, we will be explaining a vulnerability that was discovered in an online accounting application. The vulnerability was a CSS injection flaw that could be exploited in the application’s PDF generator. …

Cybersecurity

4 min read



Feb 5, 2021

Escalating SSRF to RCE

Retrieving AWS metadata and using it for RCE — Recently, I stumbled upon an SSRF vulnerability allowing retrieval of the Amazon metadata for the EC2 instance running the vulnerable software. But how to proceed and turn the SSRF into RCE? When researching a web application, I stumbled upon an endpoint which allowed me to perform SSRF. I’ll use the endpoint http://example.com/fetch?url=[path] as an example.

Security

4 min read



Jul 11, 2018

Stored XSS on funda, funda desk and funda emails

For a few months now, my girlfriend and I have been looking for a house to buy. The housing market in the Netherlands is going crazy at the moment. Prices go beyond all limits and houses are being sold within approximately 2 weeks of coming onto the market. One of the best-known…

Hacking

4 min read



Mar 23, 2018

Personal data of all Dutch public transport cards (“OV-Chipkaart”) accessible

On December 19, 2017, an article was published on Tweakers.net about a publicly accessible form showing the balance and the date of last activity of any public transport card you fill in. Shortly after this article was published, a comment on the article stated that the date of birth of the…

Hacking

4 min read



Security researcher at Mission CTRL. Developer at Alserda. Bug bounty hunter on Intigriti. https://www.missionctrl.nl

Following
  • Ivo Patty
  • Jonathan Bouman
  • Kees Wolters
  • Avinash Jain (@logicbomb)
  • Alex Birsan
