My Journey to the Nokia Security Hall of Fame
Hey everyone, it’s Umair Farooqui here, also known as “mufazmi”. I’m thrilled to share my journey with you all, from discovering vulnerabilities to landing a spot in the prestigious Nokia Security Hall of Fame.
Discovering Vulnerabilities:
A few weeks ago, I stumbled upon a couple of SQL injection vulnerabilities within Nokia’s systems. Excited to contribute to their security, I promptly reported my findings. Unfortunately, they turned out to be duplicates. Undeterred, I continued my quest and uncovered weak credentials on one of their FTP servers. Again, my report was marked as a duplicate. But I didn’t give up.
Exploring Further:
I decided to delve deeper into Nokia’s infrastructure, using tools like SubFinder to identify all in-scope subdomains. With my list in hand, I meticulously tested each one, leading me to discover multiple XSS vulnerabilities. I reported all of them, but unfortunately, most were duplicates. However, two new XSS vulnerabilities caught the attention of the Nokia Security Team.
Recognition from Nokia:
Just when I thought my efforts might go unnoticed, I received an email from the Nokia Security Team. They thanked me for my findings and informed me that my name would be added to their Hall of Fame. Overjoyed, I promptly replied, requesting my name to be listed as “Umair Farooqui”.
Email Exchange:
Hall of Fame Listing:
About five days later, I eagerly checked Nokia’s Hall of Fame page, and there it was — my name, proudly displayed among other security enthusiasts. What a moment of pride and accomplishment!
Conclusion:
Being recognized by Nokia for my contributions to their security has been an incredible experience. It’s a reminder that dedication and perseverance pay off, even in the world of cybersecurity. I’m grateful for the opportunity to make a difference and look forward to continuing my journey in securing digital spaces.
Stay tuned for more adventures in cybersecurity!
Umair Farooqui
