{"version":"1.0","provider_name":"Hatena Blog","provider_url":"https://hatena.blog","html":"","height":"190","width":"100%","blog_title":"Shikata Ga Nai","type":"rich","published":"2022-11-27 19:03:27","title":"Bugcrowd \u2014 Tale of multiple misconfigurations!!\u3092\u8a33\u3057\u3066\u307f\u305f","image_url":"https://cdn-ak.f.st-hatena.com/images/fotolife/T/ThisIsOne/20221127/20221127175508.png","url":"https://cysec148.hatenablog.com/entry/2022/11/27/190327","author_url":"https://blog.hatena.ne.jp/ThisIsOne/","categories":["Bug Bounty"],"author_name":"ThisIsOne","blog_url":"https://cysec148.hatenablog.com/","description":"Best regards, ('\u03c9')\u30ce \u8907\u6570\u306e\u8a2d\u5b9a\u30df\u30b9\u306e\u8a71\u3092\u3002 \u8106\u5f31\u6027\uff1a \u30a2\u30ab\u30a6\u30f3\u30c8\u306e\u4e57\u3063\u53d6\u308a OAuth OTP \u30d0\u30a4\u30d1\u30b9 \u30d1\u30b9\u30ef\u30fc\u30c9\u306e\u30ea\u30bb\u30c3\u30c8 \u8a18\u4e8b\uff1a https://infosecwriteups.com/bugcrowd-tale-of-multiple-misconfigurations-cb5b98f09302 \u4eca\u56de\u306f\u3001\u30c9\u30e1\u30a4\u30f3\u3067\u898b\u3064\u304b\u3063\u305f\u8a2d\u5b9a\u30df\u30b9\u306b\u95a2\u3059\u308b\u8a18\u4e8b\u3067\u3002 \u3053\u308c\u306f\u975e\u516c\u958b\u306e\u30d7\u30ed\u30b0\u30e9\u30e0\u306a\u306e\u3067\u3001redacted.com \u3068\u547c\u3076\u3053\u3068\u306b\u3002 \u30a2\u30d7\u30ea\u30b1\u30fc\u30b7\u30e7\u30f3\u306e\u7bc4\u56f2\u306f\u81a8\u5927\u3067\u3057\u305f\u304c\u3001\u901a\u5e38\u306e\u30b5\u30d6\u30c9\u30e1\u30a4\u30f3 \u30b9\u30ad\u30e3\u30f3\u3068\u3002 \u3053\u308c\u3089\u3059\u3079\u3066\u306e\u9ad8\u5ea6\u306a\u5075\u5bdf\u304b\u3089\u59cb\u3081\u3066\u3002 \u30e1\u30a4\u30f3 \u30a2\u30d7\u30ea\u30b1\u30fc\u30b7\u30e7\u30f3\u306e\u30c6\u30b9\u30c8\u3092\u2026"}