The 5 Hacking NewsLetter 33
Posted in Newsletter on December 25, 2018
Posted in Newsletter on October 1, 2018
Hey hackers! This is our latest selection of resources for pentesters and bug hunters. It covers the week from 21 to 28 of September.
5 Tips Bug Bounty Programs Want You to Know About by @d0nutptr
Lately on Twitter, there has been a lot of controversy/noise/discontentment around bug bounty platforms, particularly HackerOne. Personally, I believe that the best way to succeed and be happy at work in general is to have a flawless attitude, give constructive criticism, then, if you’re really not happy with your work environment, move on to another one.
With this same spirit, this blog post offers great information that could help you improve your bug hunting experience. It’s a must read.
Thick Client - Attacking databases the fun/easy way by Richard Clifford
This is a very simple bug with high impact: by analyzing a desktop application’s traffic, Richard found database credentials sent over a clear-text connection. He used them to remotely connect to the database, dump its contents and (because it was running as SYSTEM!) create new users on the system and pivot through the network.
Testing thick clients is not necessarily complicated and could allow you to discover high reward bugs without much effort.
- gimmecredz for Linux by @0xmitsurugi
- PassCat for Windows by @maldevel
These are two tools to use post-exploitation, to extract passwords from many known locations like files, browsers, apps, etc.
There are many cheatsheets out there to follow once you have a foothold on a target, and also tools for generic information gathering and privilege escalation, but it’s the first time I see tools that gather credentials specifically. This is very handy for pentesters, especially if you lack time and want to quickly gather sensitive information for a PoC or for pivoting.
BugBountyNotes, particularly the Challenges & Tutorials section by @zseano
@zseano did an amazing job with this site! It has several good sections all dedicated to bug hunting: forum, challenges, tutorials, references to tools, bug bounty programs, disclosed bugs… Other features are also on the way.
If you haven’t already checking it out, I recommended starting with the challenges and the Hacking with ZSeano: Recon Part two tutorial.
We created a collection of our favorite pentest & bug bounty related tweets shared this past week. You’re welcome to read them directly on Twitter: Tweets from 09/21/2018 to 09/28/2018
Have a nice week folks!
If you enjoyed reading this, please consider sharing it, leaving a comment, suggestions, questions…