The 5 Hacking NewsLetter 107
Posted in Newsletter on May 27, 2020
Posted in Newsletter on January 21, 2020
Hey hackers! These are our favorite resources shared by pentesters and bug hunters last week.
This issue covers the week from 10 to 17 of January.
SEC642: Killing snakes for fun, Flask SSTIs and RCEs in Python (Free registration required)
This is an excellent course on SSTIs with a focus on Python frameworks.
I love that it does not only explain how SSTIs work and how to escalate them to RCE, but it also mentions a lot of background information to understand the big picture: Why Python frameworks were created, how they work, the history of Python and Flask, etc.
Advisory | Seagate Central Storage Remote Code Execution 0day
This is a nice example of RCE found using security code review with a bottom-up approach. It also shows how to reverse and analyze the firmware of a NAS.
Both RCE and code review can be intimidating. But the way everything is broken in this writeup makes them seem easy to follow even for beginners.
There is a plethora of XSS challenges but labs for GraphQL bugs, JWT, SSRF, SSTI, lack of rate limiting, etc, are rarer. So, these labs are perfect if you want to play with these vulnerabilities and many others. The best part is that detailed walkthroughs are provided for each bug.
As always, a great tutorial video by @InsiderPhD! I think this is the best introduction to APIs I’ve ever seen. It covers everything you need to start exploiting them ASAP: What APIs are, how to find and enumerate them, types of APIs (REST, SOAP, GraphQL), what is JSON, what bugs to look for, how to take notes, etc.
Did you know that macros are not the only way to deal with CSRF tokens in Burp?
@Agarri_FR shows in great detail how to use Intruder Pitchfork to mimick manually replacing the CSRF token with the latest value sent by the server, and the advantages over macros.
See more writeups on The list of bug bounty writeups.
We created a collection of our favorite pentest & bug bounty related tweets shared this past week. You’re welcome to read them directly on Twitter: Tweets from 01/10/2020 to 01/17/2020.
Have a nice week folks!
If you enjoyed reading this, please consider sharing it, leaving a comment, suggestions, questions…