What is going on in this sub?
Lord, Sweet Jebus T Rump what tf is going on in this sub?
- "Please read my post about an unexploitable bullshit condition and halp me bcuz I think it a CRITICAL thx xoxo"
- "[BUG BOUNTY] is hot garbage because they rejected my duplicate BS bugz ;-;"
- imagine a 3rd example i cant be bothered
Here's a little guidance for these kinds of scenarios:
If the impact is weak, don't speak...
If the impact is light, don't write...
PLEASE. Learn to exploit the bugs you discover while staying within the scope. Demonstrate the impact.
PoC||GTFO
Those ^ are INSTRUCTIONS. THEY ARE NOT GUIDELINES.
bUt I cAn'T sHoW aNy ImPaCt AnD i WaNt AlL tHe MoNeY
OK. Those little no impact bugs? They are lego bricks. They could actually be GOLD. Collect them, cherish them. Curate them. Horde them. BUT FOR HEAVENS SAKE DONT TELL US ABOUT THEM OR POST THEM OR REPORT THEM. Shhhh. Shhhhhhhhhhh. Shush now. Learn how to chain them. Then combine 9 infos in a chain to make a CRITICAL. Or... JUST STFU AND FIND A DAMN CRITICAL.
1. Check the bug - is it of little or no impact?
- YES: GTFO
- NO: Step 2
2. If the bug has real impact... am I just vibe-assiging that impact?
- YES: GTFO
- NO: Step 3
3. Hmmm what is the PoC? DO I have a PoC?
- NO: GTFO
- YES: Step 4
4. Is it a complete PoC?
- NO: GTFO
- YES: Step 5
5. End to End?
- NO: GTFO
- YES: Step 6
6. And does it have real impact on users?
- NO: GTFO
- YES: Step 7
7. Am I assuming one or more other bugs are required for this to work?
- YES: GTFO
- NO: Step 8
8. Wow - I got here? I better check my facts.
- YES: GTFO
- NO: ALSO GTFO.
UGH.