Back on Hackyx, post Marathon and New York soon


I'm finally back working more and having the dopamine I needed to come back. It was hard at first, but I'm getting more and more into it.

After the marathon, I was excited to come back to work (and also I needed money for my next trip), and I love setting up short goals like "Hm, I need money for my trip to NY, let's find some bugs for it."

Also looking into coming back to working on Hackyx. It's been such a while without news or anything and I will discuss it today.

Hackyx

6 months without code on it or news, and there are still people going into it and searching for write-ups and reports. It showed me the potential of the project.

Why did I abandon it? I did not. It was just that it was easier doing something else, and I'm not good at working with other people on projects, I think. I love to dig deep on my side and do it all day, and I should try working more with people.

So I decided to come back to working on it, alone for the moment, and focus on finishing all the features I promised and working. I know the potential of this project, and I just need to focus on working more on it before it pays off.

At the moment, I just refactored a lot of stuff, I updated everything, and started working on using more and more AI to help with the metadata, and to perform better searches.

And yes, the project is now private on GitHub, as it will probably be a SAAS, and the sources are not that important, as the most important part will be in the backend with all the content and parsers.

I will inform you of the next steps in the coming weeks, with new versions soon.

New York

As I told you previously, I'm coming to NY at the beginning of May. And damn, the prices of the hotels are crazy there. Even for the cheapest guesthouse, it's like 150$ a night. Crazy compared to Asia, where you can find very nice hotels for 50$ a night.

So I had different choices. Fuck off and pay full in a good hotel, go to a guesthouse, or find a nice bridge to live there.

I chose something different, and I discovered Home Exchange. It's a way to exchange your home with someone else for a defined time. During this time, someone lives at your house and you live at his. Or you can do it at a different time.

I was first skeptical of doing it as you let other people live at your place. But thinking about it reminds me that it can be a good idea for my way of life.

This way, anyone can contact me and ask me to come for like a month, and I can go to their place anywhere in the world for free. I think that it can be awesome to discover new countries and still have a home and not pay without being there.

So, I'm doing it for NY and I will stay there for free.

I also got some requests for the coming months, so I can probably go to Toronto for a month or Barcelona for a few days, crazy concept.

Finding some bugs

I came back to some programs and discovered new bugs. I found an IDOR that leaked so much PII data, and the bug was probably there for a long time, and I was amazed that I wasn't duped. But great for me.

I also found a Blind XSS, and the program asked me to try doing more post-exploitation. I discovered different ways to do it with XSS, and it's crazy what you can do. I'm using ezXSS to spot them, and I discovered that they have a persistence mode in which you can persist the session, send console commands, and view all the requests made by the user.

They also have a new feature called EzProxy, in which you can proxy your requests to be made by the user who hits the XSS. This way, you can have access to the internal website and navigate through it as the user does. Pretty crazy, but I still need to manage how I can install it with my weird home setup.

Post Marathon

It's now been a week since I ran the marathon. And it's been hard not to run during this week. I was like, I need it.

So I came back to calisthenics. I'm such a beginner in that, and it's hard, but I love the process, and I know that if I'm persistent, it will pay off in a few years.

I'm starting to gradually run again, but very slowly and not a lot, but I need to as I have another race in a month or so.

Resources

  • EzProxy and how to set it up: "How to: use persistent & ezProxy" (ssl/ezXSS). ezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting.
Aituglo

Paris
The author of this blog, a bug bounty hunter and security researcher who shares his thoughts about the art of hacking.