Hi everyone! I ended up doing some cyber security research in TravianZ, which is an open source clone of an older game called Travian. I ended up finding all sorts of fun vulnerabilities and was able to find a 0day RCE.
The vulnerabilities are a bit more complex and I tried to explain them as well as I could. I would absolutely love feedback on my blog post to see where I can improve my writing skills! If anything is unclear please feel free to ask. I tried to make my blog post accessible to beginners, so if anything is unclear I will do my best to clarify!
I hope you enjoy the read and learn something!
it is too hard to find 0days or what is the process from how to find this…
The idea of a 0day is just a security vulnerability with no patch yet available, which all security vulnerabilities were at some point. So it’s not really difficult to find a 0day but a 0day RCE with no user input is usually a bit more difficult to find. Personally I just wanted to explore this application and see what I could find and ended up finding some cool stuff. There’s a lot of other projects I’ve looked into with no such interesting findings.
Good stuff bro awesome article
Nice topic bro keep it up
Thank you very much @rdpfreak0 and @Lorakai!