Skip to content

Sam Curry

Web Application Security Researcher
  • Home
  • Blog
  • Contact

Month: June 2017

Permanent account takeover on Yahoo’s Small Business platform

June 25, 2017 samwcyo Leave a comment

If you decided to go out and spontaneously develop a content management system one of the most crucial and necessary…

Continue Reading →

How I could’ve taken over the production server of a Yahoo acquisition through command injection

June 4, 2017 samwcyo 2d Comments

On the night of May 20th I had begun to develop a small headache and neck pains after spending days…

Continue Reading →

Recent Posts

  • The $12,000 Intersection between Clickjacking, XSS, and Denial of Service
  • Hacking a Massive Steam Scamming and Phishing Operation for Fun and Profit
  • Exploiting Directory Traversal to View Customer Credit Card Information on Yahoo’s Small Business Platform

Recent Comments

  • samwcyo on How I gained access to chef, docker, AWS, and MongoDB instances in a single request
  • Mandy on How I gained access to chef, docker, AWS, and MongoDB instances in a single request
  • samwcyo on How I could’ve taken over the production server of a Yahoo acquisition through command injection

Archives

  • July 2018
  • May 2018
  • November 2017
  • August 2017
  • June 2017
  • May 2017
Copyright © 2018 Sam Curry — Primer WordPress theme by GoDaddy