The 5 Hacking NewsLetter 33
Posted in Newsletter on December 25, 2018
Posted in Newsletter on March 19, 2018
Hi, I’m very happy to present you this week’s five items! They each taught me something that I’ve started using or added to my pentest/bug bounty checklist.
I enjoyed reading this Web Application Vulneability Scanners Benchmark for its precision and the number of open source tools mentioned.
Currently, I’m only using Burp Pro and none of the free open source scanners. But after reading this benchmark, I think I’m going to start playing with some of the open source tools too. ZAP and Arachni in particular seem to complement Burp Pro for all the vulnerability classes tested.
Great tip by Florian Hansemann:
I have to admit, to my shame, that I wasn’t aware of this Netcat option. So if you’re not either, this is the secure way to use Netcat (like you would use sftp and not ftp):
ncat -ssl $IP $PORT.
LFI to RCE via access_log injection
LFI to shell - Exploiting Apache access log
This is an old but classic technique for escalating from LFI to RCE by exploiting the Apache access log. I loved reading these two articles that give concrete examples and step by step instructions to understand how it works.
“Let me reset your password and login into your account” - How I was able to compromise any user account via reset password functionality
Avinash Jain has many other good write-ups like How I could book cab using your wallet money in India’s largest auto transportation company! or LinkedIn - How I was able to bypass Open Redirection protection.
He writes mostly about simple vulnerabilities he finds on Indian sites.
I feel like bug bounty write-ups can sometimes be so complicated to understand for beginner bug hunters. Vulnerabilities are getting more and more complex as there is more and more competition.
So if you’re starting bug bounty hunting, simple bugs like these will show you the basics and help put you in the right mindset. They’ll ease your way into understanding and searching for more elaborate and more rewarding bugs.
SANS published this new poster this week. If you’re more interested in one section (BASH, Python, Powershell..) more than the others, they have also provided mini posters and desktop wallpapers that are specific to each section.
See you next time!
If you enjoyed reading this, please consider sharing it, leaving a comment, suggestions, questions…