Partyhack 3.0 - Telegram bugbounty writeup

April 12, 2019

3.7k

Partyhack 3.0 - Telegram bugbounty writeup

Bo0oM

April 12, 2019

Tweet

More Decks by Bo0oM

See All by Bo0oM

Your back is white

At Home Among Strangers

2000day in Safari

Defcon Russia | Bo0om vs Шурыгина

Featured

See All Featured

Making Projects Easy

ReactJS: Keep Simple. Everything can be a component!

Building Better People: How to give real-time feedback that sticks.

Pencils Down: Stop Designing & Start Developing

Optimizing for Happiness

The Success of Rails: Ensuring Growth for the Next 100 Years

How To Stay Up To Date on Web Technology

JavaScript: Past, Present, and Future - NDC Porto 2020

The Language of Interfaces

Automating Front-end Workflow

The Invisible Customer

Raft: Consensus for Rubyists

Transcript

Вступление
None
None
None
КАК-ТО МНЕ НУЖНО БЫЛО ПРИДУМАТЬ ТЕМУ ДЛЯ ДОКЛАДА Как я
телеграм ломал
None
None
https://github.com/Bo0oM/fuzz.txt
https://github.com/Bo0oM/server-status-monitor
None
None
None
https://github.com/telegramdesktop/tdesktop/blob/cc2c13d0182c62dd5a89784a49ec375306 449797/Telegram/SourceFiles/core/crash_report_window.cpp#L506
None
None
None
None
None
Database: tdesktopdbase Table: users [4 columns] +----------+ | Column |
+----------+ | id | int(11) | | login | | logincrc | | pwdhash | +----------+ Database: tdesktopdbase Table: keyvalue [3 columns] +--------+ | Column | +--------+ | key | | value | | id | +--------+ Database: tdesktopdbase Table: crashes [6 columns] +----------+ | Column | +----------+ | date | | version | | dump | | id | int(11) | | platform | | viewed | +----------+
None
None
None
https://t.me/WebPwn https://twitter.com/i_bo0om