Partyhack 3.0 - Telegram bugbounty writeup

F26c65b4ad90e281e3d866f466783201?s=47 Bo0oM
April 12, 2019
3.4k

Partyhack 3.0 - Telegram bugbounty writeup

F26c65b4ad90e281e3d866f466783201?s=128

Bo0oM

April 12, 2019
Tweet

Transcript

  1. Вступление

  2. None
  3. None
  4. None
  5. КАК-ТО МНЕ НУЖНО БЫЛО ПРИДУМАТЬ ТЕМУ ДЛЯ ДОКЛАДА Как я

    телеграм ломал
  6. None
  7. None
  8. https://github.com/Bo0oM/fuzz.txt

  9. https://github.com/Bo0oM/server-status-monitor

  10. None
  11. None
  12. None
  13. https://github.com/telegramdesktop/tdesktop/blob/cc2c13d0182c62dd5a89784a49ec375306 449797/Telegram/SourceFiles/core/crash_report_window.cpp#L506

  14. None
  15. None
  16. None
  17. None
  18. None
  19. Database: tdesktopdbase Table: users [4 columns] +----------+ | Column |

    +----------+ | id | int(11) | | login | | logincrc | | pwdhash | +----------+ Database: tdesktopdbase Table: keyvalue [3 columns] +--------+ | Column | +--------+ | key | | value | | id | +--------+ Database: tdesktopdbase Table: crashes [6 columns] +----------+ | Column | +----------+ | date | | version | | dump | | id | int(11) | | platform | | viewed | +----------+
  20. None
  21. None
  22. None
  23. https://t.me/WebPwn https://twitter.com/i_bo0om