Telegram Web 0.5.5 Empty Username Bypass
Posted on 30 November -0001
<HTML><HEAD><TITLE>Telegram Web 0.5.5 Empty Username Bypass</TITLE><META http-equiv="Content-Type" content="text/html; charset=utf-8"></HEAD><BODY>######################################################################### # Exploit Title: Telegram Web Empty Username Bypass # Date: 18/10/2016 # Author: Ashiyane Digital Security Team # Software Link: https://web.telegram.org # version : Telegram Web 0.5.5 # Tested on: Windows 7 ########################################################################## Description: Telegram filters null bytes for username input but you can bypass this filter with "NOP"s (0x90) on web version of Telegram because this filter isn't from server's codes side ########################################################################## Step 1: First you must decode "0x90" with hackbar or ... ------------------- Step 2: Go to https://web.telegram.org. Then go to "Settings" tab. Then click on your username and change it to decoded hex. ------------------- Now you have an empty username. When someone forwards your messages, other peaple can't locate your profile from forwarded messages. ########################################################################## # Discovered by : MALWaRE43 ##########################################################################</BODY></HTML>
