The 5 Hacking NewsLetter 86
Posted in Newsletter on December 31, 2019
Posted in Newsletter on April 30, 2019
Hey hackers! These are our favorite resources shared by pentesters and bug hunters last week.
This issue covers the week from 19 to 26 of April.
I haven’t had the time yet to do this CTF, but it’s on my todo list because it seems different. It’s a Web CTF that involves multiple subdomains, directory bruteforce, and different attack vectors.
So it’s a nice opportunity to practice recon. But make sure to respect the rules (attacking the infrastructure/ports other than 443 is not allowed).
Session fixation on Shopify ($5,000)
This is an excellent session fixation report. It is well-written, detailed and a good example of a real-life session fixation attack. So it’s a great read if you want to learn about this kind of bugs.
Also, it’s interesting to see how @filedescriptor found the bug and chained it with an out of scope vulnerability: He found an XSS but XSS was out of scope. So he kept playing with the apps and noticed that some session IDs generated didn’t change after logging in, which meant session fixation. So he leveraged the XSS to exploit the session fixation.
“CI Knew There Would Be Bugs Here” — Exploring Continuous Integration Services as a Bug Bounty Hunter A list of the most common [secure] variables from 5,302,677 build logs on Travis CI
This is awesome research and collaborative work! I loved reading about:
Keyhacks is a Github repo listing ways in which API keys can be checked to see if they’re valid.
It can be handy to quickly show the impact of API keys leaked by bug bounty targets. It’s particularly interesting after reading the research about finding sensitive information in Travis CI logs.
How to Hunt Bugs in SAML; a Methodology - Part I, Part II & Part III
If you’ve come accross SAML during testing and didn’t know which kinds of bugs to look for, these tutorials are for you!
They’re a good introduction including how SAML works, common vulnerabilities, tools, a testing methodology, and resources.
See more writeups on The list of bug bounty writeups.
We created a collection of our favorite pentest & bug bounty related tweets shared this past week. You’re welcome to read them directly on Twitter: Tweets from 04/19/2019 to 04/26/2019
Have a nice week folks!
If you enjoyed reading this, please consider sharing it, leaving a comment, suggestions, questions…