Back to directory

WRITEUP #3920

Messing with GitHub's fork collaboration for fun and profit

OtherBroken Access Control

by@not_aardvark(Teddy Katz)

Bounty

30,000

Program

GitHub

Published

Mar 10, 2021

Added to HackDex

Sep 15, 2022

Read Full Writeuphttps://blog.teddykatz.com/2021/03/10/fork-collab-abuse.html

▸ RELATED WRITEUPS

Leaking All Users Google Drive Files

OtherBroken Access Control

Hacking Moodle Apps Via External Functions

OtherBroken Access Control

Data Theft in Salesforce: Manipulating Public Links

OtherSOQL injection

When Certificates Fail: A Story of Bypassed MFA in Remote Access

Other2FA / MFA bypass

SSTI in Bug Bounty Program: The Time I Played with Handlebars and Broke Stuff

Built with ❤️ by Shubham Rawat