The 5 Hacking NewsLetter 103

Hey hackers! These are our favorite resources shared by pentesters and bug hunters last week.

This issue covers the week from 17 to 24 April.


Our favorite 5 hacking items

1. Paper of the week

Uninitialized Memory Disclosures in Web Applications

This is an excellent paper on memory disclosure vulnerabilities in Web apps. The author focuses on bugs caused by image parsing errors, such as ImageTragick, but also shows how to extend the attacks to image libraries other than ImageMagick.

If you want to take a deep dive into this kind of bug, this is a great opportunity. Many resources are provided, from tools for automated detection to a test environment, writeups, and external links on memory leaks.


The 5 Hacking NewsLetter 102

Hey hackers! These are our favorite resources shared by pentesters and bug hunters last week.

This issue covers the week from 10 to 17 April.


Our favorite 5 hacking items

1. Resource of the week

Attacking and Auditing Docker Containers and Kubernetes Clusters

After last week’s training on AWS and Azure, @appseccouk is now generously open sourcing another complete training course. This one is about hacking Docker containers and Kubernetes clusters. It includes documentation, Docker lab virtual machines and an intentionally vulnerable Kubernetes cluster (on Google Cloud).


The 5 Hacking NewsLetter 101

Hey hackers! These are our favorite resources shared by pentesters and bug hunters last week.

This issue covers the week from 03 to 10 April.


Our favorite 5 hacking items

1. Article of the week

Same Same But Different: Discovering SQL Injections Incrementally with Isomorphic SQL Statements

This is an excellent article on detecting SQL injections in a way that triggers fewer WAF alerts and is more efficient than blindly firing random payloads.

The idea is to submit payloads that evaluate to the same value if the input is not properly sanitized (e.g. ?ID=1 and ?ID=2-1). If the output is the same, especially when this recurs in multiple places across the app, it indicates a potential SQL injection. What can be automated is not the final payload, but the testing for interesting behavior that calls for further manual tests.

This is not a new technique: @spaceraccoonsec shows examples of tools and research based on the same idea. But it may be the new way to test for injections in hardened targets.


Free online conferences calendar

Hi! As you probably noticed, the number of online talks has exploded since most people went into lockdown.

So, this is a little calendar of free online conferences and meetups for bug hunters and pentesters scheduled for the next few weeks.

If you know any other interesting ones, you can share them as a comment or on Twitter, and I’ll update the list.



See you next time!


The 5 Hacking NewsLetter 100

Hey hackers! These are our favorite resources shared by pentesters and bug hunters last week.

This issue covers the week from 27 March to 03 April.


Our favorite 5 hacking items

1. Slides of the week

Attacking Secondary Contexts in Web Applications

@samwcyo’s Kernelcon talk explores attacking various secondary contexts (APIs, reverse proxies, middleware) in Web applications. He shows how to detect application routing in a black-box setting, and gives examples of vulnerabilities that can result from interactions between different servers.

This is excellent research and an interesting area to explore further. The talk video is not available yet, but will hopefully be released soon.

Also good to know: you can reproduce the last trick (the Authy 2FA bypass) in @PentesterLab’s “Idor to Shell”.
