Working remotely, Learning more, and Stockholm

It's been a week since I landed in Stockholm. It was pretty nice going there, and I'm now going to Berlin for NullCon.

Working remotely

It's crazy how I'm way more productive when travelling than when I'm at home, maybe because there are more distractions at home.

I landed in Stockholm last Thursday. I didn't know anything about this city or the country, so it was nice discovering a new city.

For the few days I was there, I worked more than when I'm at my desk. I love to discover new coffee places to find the best one, so each time I work there. And seeing other people working and being in the atmosphere of working.

I found a pretty nice coffee shop there, but for some of them, the wifi was pretty bad, so it was annoying for me. I also found some bugs when I was there, still in triage, and some of them are duplicates, but it's still good to be back on track.

I'm thinking about why I would be more productive when I'm abroad instead of just chilling and discovering the city, but it is what it is, and I'm glad for that. Maybe I have to work more outside when I'm at home, instead of being at my desk, I don't know.

Learning more

I started to watch all the Critical Thinking pods I was missing, and it's still amazing. There are so many new techniques and stuff there, it's definitely something to be aware of and listen to more.

It gives you more thought and new ideas for your targets to try. Sometimes, you can feel stuck on something, and just doing something else or learning new techniques can unblock you.

To tell more about what I've done the past week, I was exploiting an XSS on a target I like. It was quite interesting as the XSS was on a domain that is totally different from the one with really important data. So I needed to find a way to exploit it in order to find a real impact.

TL;DR: The XSS wasn't exploitable due to a mistake on my side; I'm pretty dumb, but it was still interesting to dig deep into it.

Usually, when I'm stuck on a client-side bug, I ask my friends 0xRth or Mizu, but as he was training to beat me at MK, I needed to find the solution myself.

I decided to play more with LLMs, especially Claude and GPT, as I paid for them. I first used Ebka, made by Slonser, which is basically an MCP for Caido. And it worked pretty well.

But you really need to guide it in order to have something useful. As it has access to the whole Caido context, it was able to find the flaws and helped me exploit it and write the PoC. Pretty funny that you have to specify that this is for a CTF and not a bug bounty; otherwise, it will not help you.

Having only the basic pro plan for Claude, it was pretty bad having to wait every day, but having agents and MCP is so helpful compared to ChatGPT, where you have to explain everything.

I also used a bit of GPT, mainly to help me understand some client-side quirks to know if I was wrong or not.

In the end, I was able to exploit this vulnerability, even if it wasn't one due to the CSP, thanks to PwnFox for hiding it from me.

But it was still very interesting to play with the LLM to leverage a bug I found. I'm going to use them more for sure.

Stockholm

That was my first time in Sweden, and it was cool. The city is cute, even if it's pretty expensive, more than in Paris, which is crazy.

The food was quite good; one of the famous meals is the meatballs, and this one was really yummy.

I went there especially to run a half-marathon. I wanted to run it in like 1h40, but I was injured in my knee, so I needed to change my plan. With my coach, we decided that it was better to chill down and if I felt any pain during the race, to just walk or slow down.

And that happened. It was good until kilometer 10, and then I felt some pain in my knee, so I just walked a bit. But I didn't want to stop my race, so I continued. I just walked and ran again a bit, finishing in about 1h55, which is quite good looking at my shape for this one. So, I'm pretty happy and looking forward to the next one!

Also, one of my goals when travelling is to find the best coffee, and I found some pretty good ones.

Now, I'm currently writing that in the airport, on my way to Berlin for NullCon. I'm going there especially for the Live Bug Bounty Event organized by YesWeHack.

A lot of my friends are going there, so it will be quite nice seeing everyone and hunting together.

Aituglo

Paris
The author of this blog, a bug bounty hunter and security researcher that shares his thoughts about the art of hacking.